WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

explorer keeps restarting, no thumbnails, start menu not working [Solv

Started by Squirrel1693 , Jun 04 2012 01:38 PM

This topic is locked

16 replies to this topic

#1 Squirrel1693

Authentic Member

Authentic Member
20 posts

Posted 04 June 2012 - 01:38 PM

Here is the hijackthis log :notworthy:

Thank You

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:27:10 PM, on 2012/06/04
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Toshiba TEMPRO\TemproTray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\ProgramData\GameXN\GameXNGO.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe
C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Quintin\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.up.ac.za...ate=r4op2y86x_4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: BitTorrentBar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: Lexmark Printable Web - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
O4 - HKLM\..\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
O4 - HKLM\..\Run: [lxdumon.exe] "C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe"
O4 - HKLM\..\Run: [lxduamon] "C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe"
O4 - HKLM\..\Run: [Lexmark 5600-6600 Series Fax Server] "C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [Iusage] C:\PROGRA~1\INTERN~2\nonetdet.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [NvCplDaemonTool] rundll32.exe C:\Users\Quintin\eqload06.dll,_IWMPEvents
O4 - HKCU\..\Run: [Google Update] "C:\Users\Quintin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Rim.DesktopHelper.exe] C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.DesktopHelper.exe
O4 - HKCU\..\Run: [GameXN (update)] "C:\ProgramData\GameXN\GameXNGO.exe" /u
O4 - HKCU\..\Run: [GameXN (news)] "C:\ProgramData\GameXN\GameXNGO.exe" /n
O4 - HKCU\..\Run: [GameXN] "C:\ProgramData\GameXN\GameXNGO.exe" /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Quintin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - Startup: Facebook Messenger.lnk = Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{49B0D569-8DCA-40DB-A6A4-092666179C7D}: NameServer = 196.207.36.251 196.207.36.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{49B0D569-8DCA-40DB-A6A4-092666179C7D}: NameServer = 196.207.36.251 196.207.36.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{49B0D569-8DCA-40DB-A6A4-092666179C7D}: NameServer = 196.207.36.251 196.207.36.254
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxduCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxduserv.exe
O23 - Service: lxdu_device - - C:\Windows\system32\lxducoms.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\McSACore.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: Vodafone Mobile Broadband Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

--
End of file - 19025 bytes

QRAyres

Advertisements

Register to Remove

#2 Conspire

SuperHelper

Retired Classroom Teacher
5,806 posts

Posted 06 June 2012 - 08:39 AM

**In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so we will have your thread closed in THREE(3) days.

Hello there, Squirrel1693

:welcome:

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:

Read the entire procedure
It is important to perform ALL actions in sequence.
If you don't know, stop and ask! Don't keep going on.
Please reply to this thread. Do not start a new topic.
Stick with me till you're given the all clear.
Remember, absence of symptoms does not mean the infection is all gone.
Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

IMPORTANT NOTE : Please do not delete anything unless instructed to. Remember to backup all your important data(if possible) before moving on.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may

#3 Conspire

SuperHelper

Retired Classroom Teacher
5,806 posts

Posted 06 June 2012 - 08:40 AM

Hello there,

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click on Minimal Output at the top
Download the following file scan.txt to your Desktop. Click here to download it. You may need to right click on it and select "Save"
Double click inside the Custom Scan box at the bottom
A window will appear saying "Click OK to load a custom scan from a file or Cancel to cancel"
Click the OK button and navigate to the file scan.txt which we just saved to your desktop
Select scan.txt and click Open. Writing will now appear under the Custom Scan box
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

===================================================

Posted Image

Please download GMER from one of the following locations, and save it to your desktop:
Main Mirror
This version will download a randomly named file (Recommended)
Zip Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.

Extract the contents of the zipped file to desktop (applicable only to Zip mirror) .
Double click or on your desktop.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

Click the image to enlarge it
In the right panel, you will see several boxes that have been checked. Uncheck the following ...
- IAT/EAT
- Drives/Partition other than Systemdrive (typically C:\)
- Show All (don't miss this one)
Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and attach it in your reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

===================================================

Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

===================================================

On your next reply please post :
OTL log
GMER log
Checkup log

Please STOP and let me know if you have any problems in performing with the steps above or any questions you may have.

Good Day!

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may

#4 Squirrel1693

Authentic Member

Authentic Member
20 posts

Posted 07 June 2012 - 12:42 PM

Here are the two OTL logs

OTL logfile created on: 6/7/2012 2:24:20 PM - Run 2
OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\Quintin\Downloads
Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: South Africa | Language: ENS | Date Format: yyyy/MM/dd

1.87 Gb Total Physical Memory | 0.74 Gb Available Physical Memory | 39.70% Memory free
3.74 Gb Paging File | 1.82 Gb Available in Paging File | 48.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116.44 Gb Total Space | 8.29 Gb Free Space | 7.12% Space Free | Partition Type: NTFS
Drive D: | 116.05 Gb Total Space | 32.48 Gb Free Space | 27.99% Space Free | Partition Type: NTFS
Drive F: | 298.56 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 45.71 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: QUINTIN-TOSH | User Name: Quintin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
PRC - C:\Program Files\Java\jre6\bin\jp2launcher.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\java.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
PRC - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
PRC - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
PRC - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Lexmark 5600-6600 Series\lxdumsdmon.exe ()
PRC - C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe (TOSHIBA CORPORATION)
PRC - c:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\System32\lxducoms.exe ( )
PRC - C:\Windows\System32\spool\drivers\w32x86\3\lxduserv.exe (Lexmark International, Inc.)
PRC - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\fbc05b5b05dc6366b02b8e2f77d080f1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\20008c75bb41e2febf84d4d4aea5b4e8\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\52873358b397c328168f0a5be7f3b9ae\System.Design.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\02d5be8209f0eac6f7725f8d83b87df6\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad18f93fc713db2c4b29b25116c13bd8\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1e85062785e286cd9eae9c26d2c61f73\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9859a6e0562f64eacfb8ad76f260a2d6\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\d9a485330ec2708456134e4a9712a4ab\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll ()
MOD - C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
MOD - C:\Program Files\Java\jre6\bin\jp2native.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Mega Zipper\contmenu.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll ()
MOD - C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll ()
MOD - C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll ()
MOD - C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll ()
MOD - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxdumsdmon.exe ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
MOD - C:\Program Files\Lexmark Printable Web\resource.dll ()
MOD - C:\Program Files\Lexmark Printable Web\bho.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxducaps.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxduscw.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxdudrs.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxducnv4.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\app4r.monitor.core.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\app4r.monitor.common.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\app4r.devmons.mcmdevmon.dll ()
MOD - C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll ()
MOD - C:\Windows\System32\spool\drivers\w32x86\3\lxdudatr.dll ()
MOD - C:\Windows\System32\msjetoledb40.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll ()
MOD - C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ()

========== Win32 Services (SafeList) ==========

SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (NanoServiceMain) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
SRV - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (IconMan_R) -- C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV - (cfWiMAXService) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe (TOSHIBA CORPORATION)
SRV - (Nero BackItUp Scheduler 4.0) -- c:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (GameConsoleService) -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (lxdu_device) -- C:\Windows\System32\lxducoms.exe ( )
SRV - (lxduCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe ()
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\Windows\System32\mprdim.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

========== Driver Services (SafeList) ==========

DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV - (axefyqvw) -- File not found
DRV - (PSINAflt) -- C:\Windows\System32\drivers\PSINAflt.sys (Panda Security, S.L.)
DRV - (PSINProt) -- C:\Windows\System32\drivers\PSINProt.sys (Panda Security, S.L.)
DRV - (PSINKNC) -- C:\Windows\System32\drivers\PSINKNC.sys (Panda Security, S.L.)
DRV - (VBoxDrv) -- C:\Program Files\YouWave_Android\vb\VBoxDrv.sys (Oracle Corporation)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (vodafone_zte_cdc_ecm) -- C:\Windows\System32\drivers\vodafone_zte_cdc_ecm.sys (Vodafone)
DRV - (vodafone_zte_ecm_enum_filter) -- C:\Windows\System32\drivers\vodafone_zte_ecm_enum_filter.sys (Vodafone)
DRV - (vodafone_zte_ecm_enum) Vodafone Vodafone ZTE DC Enumerator (ZTE) -- C:\Windows\System32\drivers\vodafone_zte_ecm_enum.sys (Vodafone)
DRV - (vodafone_zte_cdc_acm) Vodafone Vodafone ZTE CDC-ACM driver (ZTE) -- C:\Windows\System32\drivers\vodafone_zte_cdc_acm.sys (Vodafone)
DRV - (vodafone_zte_cpo) -- C:\Windows\System32\drivers\vodafone_zte_cpo.sys (Vodafone)
DRV - (PSINProc) -- C:\Windows\System32\drivers\PSINProc.sys (Panda Security, S.L.)
DRV - (PSINFile) -- C:\Windows\System32\drivers\PSINFile.sys (Panda Security, S.L.)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (udfs) -- C:\Windows\System32\drivers\udfs.sys (Microsoft Corporation)
DRV - (CeKbFilter) -- C:\Windows\System32\drivers\CeKbFilter.sys (Compal Electronics, INC.)
DRV - (vodafone_K3805-z_dc_enum) -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (LPCFilter) -- C:\Windows\System32\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (crcdisk) -- C:\Windows\System32\drivers\crcdisk.sys (Microsoft Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (ws2ifsl) -- C:\Windows\System32\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (pavboot) -- C:\Windows\System32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (PGEffect) -- C:\Windows\System32\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{28AC540B-DFF1-4EB4-A8D7-B2EC5FEE81AD}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...mp;sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.up.ac.za...ate=r4op2y86x_4
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {96B6FDCC-F99F-4A18-AA93-7E00F0E0E845}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...amp;FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...c=browsersearch
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" =
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...mp;sourceid=ie7
IE - HKCU\..\SearchScopes\{96B6FDCC-F99F-4A18-AA93-7E00F0E0E845}: "URL" = http://www.google.co...;rlz=1I7ADFA_en
IE - HKCU\..\SearchScopes\{E93AB632-8576-4935-840F-42CBBEDB09CA}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:3128

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Quintin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Quintin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011/01/19 20:56:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/28 14:48:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp1950@crossrider.com: C:\Users\Quintin\AppData\Local\RewardsArcadeSuite\1950\Firefox [2012/01/22 01:30:37 | 000,000,000 | ---D | M]

[2012/05/08 00:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Quintin\AppData\Roaming\Mozilla\Firefox\extensions
[2012/05/08 00:38:41 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Quintin\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{googl
e:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chr
o
me&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client
=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Quintin\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Quintin\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Quintin\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll
CHR - Extension: Flashcards = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgakpcekaedlfopplbbmbbknppkpjgp\0.7.2_0\
CHR - Extension: BIODIGITAL HUMAN = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
CHR - Extension: From Dust = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_0\
CHR - Extension: Language Immersion for Chrome = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedbecnakfcpmkpddjfnfihogkaggkhl\1.0.3_0\
CHR - Extension: Graphing Calculator by Desmos.com = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdheahnajobgndecdbggfmcojekgdko\1.4_0\
CHR - Extension: YouTube = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Daum Equation Editor = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe\1.2.130_0\
CHR - Extension: Build a Robot = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkifjkfdmacgkhldodeohbhcknoijpeo\1.1_0\
CHR - Extension: Toss it = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlifoiidlkcpdlchhngenehnhcadakpl\2.3_0\
CHR - Extension: Crazy Rollercoaster = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eafhgomkapdagnpmmgilphbolnejepoc\1.0_0\
CHR - Extension: SiteAdvisor = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: Run Ninja Run = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjjeacpabbmdgffcfccfaihbghhbnpl\1.0.1_0\
CHR - Extension: RewardsArcade Suite = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.17.28_0\
CHR - Extension: Element = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjpnebljmdbglkmlnijcaplhfhkhdnib\0.9.0_0\
CHR - Extension: Google I/O: input/output = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmphclbekipaojhpbkbofoioffecilh\1.3.3.7_0\
CHR - Extension: Advanced Periodic Table = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpkghbakijeifcoimhhechlmcbdmmli\1.7_0\
CHR - Extension: Khan Academy = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pahdiadnidmaaoohjmlkcjffbfcapgko\0.0.0.1_0\
CHR - Extension: Gmail = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (RewardsArcadeSuite) - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Iusage] C:\PROGRA~1\INTERN~2\nonetdet.exe File not found
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Lexmark 5600-6600 Series Fax Server] C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ()
O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [NBAgent] c:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Quintin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GameXN] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [GameXN (news)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [GameXN (update)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [NvCplDaemonTool] rundll32.exe C:\Users\Quintin\eqload06.dll,_IWMPEvents File not found
O4 - HKCU..\Run: [Rim.DesktopHelper.exe] C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.DesktopHelper.exe File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\Quintin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49B0D569-8DCA-40DB-A6A4-092666179C7D}: NameServer = 196.207.36.251 196.207.36.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F3E652B-6EC5-4996-8800-D27E8A5BFBF9}: DhcpNameServer = 41.221.224.2 41.221.224.26
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2000/06/01 09:39:56 | 000,000,524 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2011/07/14 20:46:15 | 000,000,118 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{05afe519-04a2-11e1-8a54-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{05afe519-04a2-11e1-8a54-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{05afe51f-04a2-11e1-8a54-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{05afe51f-04a2-11e1-8a54-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{6507d62b-4cd9-11e1-b3fe-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{6507d62b-4cd9-11e1-b3fe-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\VMC_PBStarter.exe
O33 - MountPoints2\{6fd5e637-04b8-11e1-a2e2-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{6fd5e637-04b8-11e1-a2e2-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{7560f76e-a293-11e0-a9fe-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{7560f76e-a293-11e0-a9fe-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\VMC_PBStarter.exe
O33 - MountPoints2\{7560f771-a293-11e0-a9fe-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{7560f771-a293-11e0-a9fe-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\VMC_PBStarter.exe
O33 - MountPoints2\{75e151d7-8f71-11e0-a43c-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{75e151d7-8f71-11e0-a43c-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{811dfc51-10e5-11e0-a4bc-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{811dfc51-10e5-11e0-a4bc-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{811dfc54-10e5-11e0-a4bc-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{811dfc54-10e5-11e0-a4bc-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e18bc47e-1034-11e0-92d7-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{e18bc47e-1034-11e0-92d7-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{e18bc484-1034-11e0-92d7-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{e18bc484-1034-11e0-92d7-88ae1ded36b7}\Shell\AutoRun\command - "" = G:\setup.exe -- [2011/07/15 15:23:56 | 047,597,473 | R--- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe -- [2011/07/15 15:23:56 | 047,597,473 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/06/07 14:18:39 | 000,000,000 | ---D | C] -- C:\Users\Quintin\Desktop\PC
[2012/06/04 21:02:14 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Quintin\Desktop\OTL.exe
[2012/06/01 18:44:53 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2012/06/01 18:44:18 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2012/06/01 15:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012/06/01 15:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader Toolbar
[2012/06/01 15:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012/06/01 15:24:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/28 01:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BestGameEver
[2012/05/28 01:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\BestGameEver
[2012/05/22 10:58:46 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/05/22 10:58:44 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/05/22 10:58:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/05/22 10:58:42 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/05/22 10:58:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/05/22 10:58:40 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/05/22 01:34:56 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/05/22 01:34:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/05/18 09:46:07 | 000,000,000 | ---D | C] -- C:\Users\Quintin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012/05/18 00:57:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/05/18 00:41:51 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2012/05/18 00:41:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2012/05/18 00:41:48 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/05/18 00:41:48 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/05/18 00:41:48 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/05/18 00:41:46 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/05/18 00:41:44 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/05/18 00:41:43 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/05/18 00:41:43 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/05/18 00:41:42 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012/05/18 00:41:41 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/05/18 00:41:40 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012/05/18 00:41:40 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/05/18 00:41:39 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/05/18 00:41:39 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/05/18 00:41:37 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2012/05/18 00:41:37 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012/05/18 00:41:35 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012/05/18 00:41:33 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012/05/18 00:41:32 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/05/18 00:41:31 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012/05/18 00:41:31 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012/05/18 00:41:31 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012/05/18 00:41:30 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2012/05/18 00:41:29 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012/05/18 00:41:29 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012/05/18 00:41:29 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2012/05/18 00:41:28 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2012/05/18 00:41:28 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2012/05/18 00:41:27 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012/05/18 00:41:27 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/05/18 00:41:26 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012/05/18 00:41:25 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012/05/18 00:41:25 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2012/05/18 00:41:25 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/05/18 00:41:24 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/05/18 00:41:24 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2012/05/18 00:41:24 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012/05/18 00:41:24 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/05/18 00:41:23 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012/05/18 00:41:23 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/05/18 00:41:23 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012/05/18 00:41:22 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/05/18 00:41:22 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/05/18 00:41:21 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2012/05/18 00:41:21 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2012/05/18 00:41:21 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2012/05/18 00:41:21 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2012/05/18 00:41:20 | 002,414,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/05/18 00:41:20 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/05/18 00:41:20 | 000,240,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/05/18 00:41:19 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2012/05/18 00:41:19 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012/05/18 00:41:19 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012/05/18 00:41:17 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/05/18 00:41:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/05/18 00:41:17 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012/05/18 00:41:16 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/05/18 00:41:16 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012/05/18 00:41:16 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2012/05/18 00:41:16 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/05/18 00:41:15 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/05/18 00:41:15 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012/05/18 00:41:15 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2012/05/18 00:41:15 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2012/05/18 00:41:15 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2012/05/18 00:41:14 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2012/05/18 00:41:13 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2012/05/18 00:41:13 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2012/05/18 00:41:12 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/05/18 00:41:12 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/05/18 00:41:12 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/05/18 00:41:12 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2012/05/18 00:41:12 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2012/05/18 00:41:12 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012/05/18 00:41:12 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2012/05/18 00:41:11 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/05/18 00:41:11 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012/05/18 00:41:11 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012/05/18 00:41:11 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012/05/18 00:41:11 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/05/18 00:41:10 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012/05/18 00:41:10 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2012/05/18 00:41:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/05/18 00:41:10 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/05/18 00:41:09 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012/05/18 00:41:09 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2012/05/18 00:41:09 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2012/05/18 00:41:09 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/05/18 00:41:09 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2012/05/18 00:41:09 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2012/05/18 00:41:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012/05/18 00:41:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2012/05/18 00:41:07 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2012/05/18 00:41:07 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2012/05/18 00:41:07 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012/05/18 00:41:07 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2012/05/18 00:41:07 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2012/05/18 00:41:06 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/05/18 00:41:06 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2012/05/18 00:41:05 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2012/05/18 00:41:05 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2012/05/18 00:41:05 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2012/05/18 00:41:05 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012/05/18 00:41:05 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2012/05/18 00:41:05 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/05/18 00:41:05 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012/05/18 00:41:04 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012/05/18 00:41:04 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012/05/18 00:41:04 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012/05/18 00:41:04 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2012/05/18 00:41:04 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2012/05/18 00:41:04 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012/05/18 00:41:04 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012/05/18 00:41:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2012/05/18 00:41:03 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012/05/18 00:41:03 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012/05/18 00:41:03 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012/05/18 00:41:03 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012/05/18 00:41:03 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012/05/18 00:41:03 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2012/05/18 00:41:03 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/05/18 00:41:03 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2012/05/18 00:41:03 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/05/18 00:41:03 | 000,035,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
[2012/05/18 00:41:02 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2012/05/18 00:41:02 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2012/05/18 00:41:02 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2012/05/18 00:41:01 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012/05/18 00:41:01 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/05/18 00:41:01 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2012/05/18 00:41:01 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012/05/18 00:41:01 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/05/18 00:41:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2012/05/18 00:41:00 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012/05/18 00:41:00 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/05/18 00:41:00 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2012/05/18 00:40:59 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2012/05/18 00:40:59 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2012/05/18 00:40:59 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2012/05/18 00:40:59 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2012/05/18 00:40:59 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2012/05/18 00:40:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/05/18 00:40:59 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2012/05/18 00:40:58 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2012/05/18 00:40:58 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012/05/18 00:40:58 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2012/05/18 00:40:57 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2012/05/18 00:40:57 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012/05/18 00:40:57 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012/05/18 00:40:57 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2012/05/18 00:40:57 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2012/05/18 00:40:57 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2012/05/18 00:40:57 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2012/05/18 00:40:57 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012/05/18 00:40:57 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2012/05/18 00:40:57 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2012/05/18 00:40:57 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012/05/18 00:40:56 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012/05/18 00:40:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2012/05/18 00:40:55 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012/05/18 00:40:55 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2012/05/18 00:40:55 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/05/18 00:40:55 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2012/05/18 00:40:55 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2012/05/18 00:40:55 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/05/18 00:40:55 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012/05/18 00:40:54 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012/05/18 00:40:54 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012/05/18 00:40:54 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2012/05/18 00:40:54 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012/05/18 00:40:54 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012/05/18 00:40:54 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012/05/18 00:40:54 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012/05/18 00:40:54 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/05/18 00:40:54 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2012/05/18 00:40:54 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2012/05/18 00:40:54 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2012/05/18 00:40:53 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012/05/18 00:40:53 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2012/05/18 00:40:53 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012/05/18 00:40:53 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2012/05/18 00:40:53 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2012/05/18 00:40:53 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2012/05/18 00:40:53 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012/05/18 00:40:53 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2012/05/18 00:40:53 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012/05/18 00:40:52 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012/05/18 00:40:52 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2012/05/18 00:40:52 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2012/05/18 00:40:52 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012/05/18 00:40:52 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012/05/18 00:40:52 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2012/05/18 00:40:52 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2012/05/18 00:40:52 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2012/05/18 00:40:51 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012/05/18 00:40:51 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2012/05/18 00:40:51 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012/05/18 00:40:51 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2012/05/18 00:40:51 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2012/05/18 00:40:51 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/05/18 00:40:51 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2012/05/18 00:40:51 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2012/05/18 00:40:51 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2012/05/18 00:40:51 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012/05/18 00:40:51 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2012/05/18 00:40:51 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2012/05/18 00:40:50 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012/05/18 00:40:50 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/05/18 00:40:50 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2012/05/18 00:40:50 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012/05/18 00:40:50 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2012/05/18 00:40:50 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2012/05/18 00:40:50 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2012/05/18 00:40:50 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2012/05/18 00:40:50 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2012/05/18 00:40:50 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012/05/18 00:40:50 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012/05/18 00:40:50 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2012/05/18 00:40:49 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2012/05/18 00:40:49 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2012/05/18 00:40:49 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012/05/18 00:40:49 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2012/05/18 00:40:49 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2012/05/18 00:40:49 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2012/05/18 00:40:49 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012/05/18 00:40:49 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012/05/18 00:40:49 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2012/05/18 00:40:49 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2012/05/18 00:40:48 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2012/05/18 00:40:48 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012/05/18 00:40:48 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/05/18 00:40:48 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012/05/18 00:40:48 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2012/05/18 00:40:48 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2012/05/18 00:40:48 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012/05/18 00:40:48 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2012/05/18 00:40:47 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012/05/18 00:40:47 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2012/05/18 00:40:47 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2012/05/18 00:40:47 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2012/05/18 00:40:47 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2012/05/18 00:40:47 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012/05/18 00:40:46 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012/05/18 00:40:46 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2012/05/18 00:40:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012/05/18 00:40:45 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/05/18 00:40:45 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2012/05/18 00:40:45 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/05/18 00:40:45 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2012/05/18 00:40:45 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2012/05/18 00:40:45 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2012/05/18 00:40:45 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2012/05/18 00:40:45 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012/05/18 00:40:45 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/05/18 00:40:45 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2012/05/18 00:40:45 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2012/05/18 00:40:44 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2012/05/18 00:40:44 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2012/05/18 00:40:44 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012/05/18 00:40:44 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2012/05/18 00:40:43 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2012/05/18 00:40:43 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2012/05/18 00:40:43 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2012/05/18 00:40:43 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2012/05/18 00:40:43 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2012/05/18 00:40:43 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2012/05/18 00:40:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/05/18 00:40:42 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012/05/18 00:40:42 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/05/18 00:40:42 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2012/05/18 00:40:42 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2012/05/18 00:40:42 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012/05/18 00:40:42 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/05/18 00:40:41 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012/05/18 00:40:41 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2012/05/18 00:40:41 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2012/05/18 00:40:41 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012/05/18 00:40:41 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012/05/18 00:40:41 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/05/18 00:40:41 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2012/05/18 00:40:41 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2012/05/18 00:40:41 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2012/05/18 00:40:41 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2012/05/18 00:40:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2012/05/18 00:40:40 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2012/05/18 00:40:40 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2012/05/18 00:40:40 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/05/18 00:40:40 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2012/05/18 00:40:40 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2012/05/18 00:40:40 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/05/18 00:40:40 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2012/05/18 00:40:40 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2012/05/18 00:40:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2012/05/18 00:40:39 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2012/05/18 00:40:39 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/05/18 00:40:39 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012/05/18 00:40:39 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2012/05/18 00:40:39 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/05/18 00:40:39 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2012/05/18 00:40:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012/05/18 00:40:38 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/05/18 00:40:38 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2012/05/18 00:40:38 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2012/05/18 00:40:38 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2012/05/18 00:40:38 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/05/18 00:40:38 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2012/05/18 00:40:38 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2012/05/18 00:40:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2012/05/18 00:40:38 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2012/05/18 00:40:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2012/05/18 00:40:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2012/05/18 00:40:37 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2012/05/18 00:40:37 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012/05/18 00:40:37 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2012/05/18 00:40:37 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2012/05/18 00:40:37 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2012/05/18 00:40:37 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2012/05/18 00:40:37 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/05/18 00:40:37 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2012/05/18 00:40:37 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2012/05/18 00:40:37 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2012/05/18 00:40:37 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012/05/18 00:40:37 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2012/05/18 00:40:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2012/05/18 00:40:37 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012/05/18 00:40:37 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2012/05/18 00:40:37 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2012/05/18 00:40:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/05/18 00:40:36 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2012/05/18 00:40:36 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012/05/18 00:40:36 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/05/18 00:40:36 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2012/05/18 00:40:36 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2012/05/18 00:40:36 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012/05/18 00:40:36 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2012/05/18 00:40:36 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012/05/18 00:40:36 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2012/05/18 00:40:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2012/05/18 00:40:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2012/05/18 00:40:36 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2012/05/18 00:40:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2012/05/18 00:40:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2012/05/18 00:40:35 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/05/18 00:40:35 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2012/05/18 00:40:35 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2012/05/18 00:40:35 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012/05/18 00:40:35 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2012/05/18 00:40:35 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2012/05/18 00:40:35 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012/05/18 00:40:35 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2012/05/18 00:40:35 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2012/05/18 00:40:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2012/05/18 00:40:35 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2012/05/18 00:40:34 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/05/18 00:40:34 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2012/05/18 00:40:34 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2012/05/18 00:40:34 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/05/18 00:40:34 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2012/05/18 00:40:34 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2012/05/18 00:40:34 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2012/05/18 00:40:34 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012/05/18 00:40:34 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2012/05/18 00:40:34 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2012/05/18 00:40:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2012/05/18 00:40:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2012/05/18 00:40:34 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2012/05/18 00:40:33 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2012/05/18 00:40:33 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2012/05/18 00:40:33 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012/05/18 00:40:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2012/05/18 00:40:33 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/05/18 00:40:33 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/05/18 00:40:33 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2012/05/18 00:40:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2012/05/18 00:40:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2012/05/18 00:40:33 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2012/05/18 00:40:33 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2012/05/18 00:40:33 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2012/05/18 00:40:33 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2012/05/18 00:40:33 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2012/05/18 00:40:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2012/05/18 00:40:33 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2012/05/18 00:40:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2012/05/18 00:40:33 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2012/05/18 00:40:32 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012/05/18 00:40:32 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2012/05/18 00:40:32 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/05/18 00:40:32 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/05/18 00:40:32 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2012/05/18 00:40:32 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012/05/18 00:40:32 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2012/05/18 00:40:32 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012/05/18 00:40:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2012/05/18 00:40:32 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2012/05/18 00:40:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/05/18 00:40:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2012/05/18 00:40:32 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012/05/18 00:40:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2012/05/18 00:40:31 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2012/05/18 00:40:31 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/05/18 00:40:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2012/05/18 00:40:31 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2012/05/18 00:40:31 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2012/05/18 00:40:31 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012/05/18 00:40:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2012/05/18 00:40:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2012/05/18 00:40:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012/05/18 00:40:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2012/05/18 00:40:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2012/05/18 00:40:31 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2012/05/18 00:40:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2012/05/18 00:40:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2012/05/18 00:40:30 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2012/05/18 00:40:29 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/05/18 00:40:29 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2012/05/18 00:40:29 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2012/05/18 00:40:29 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012/05/18 00:40:29 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012/05/18 00:40:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/05/18 00:40:29 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2012/05/18 00:40:29 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/05/18 00:40:29 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2012/05/18 00:40:29 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2012/05/18 00:40:28 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2012/05/18 00:40:28 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2012/05/18 00:40:28 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2012/05/18 00:40:28 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2012/05/18 00:40:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2012/05/18 00:40:27 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2012/05/18 00:40:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2012/05/18 00:40:27 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2012/05/18 00:40:27 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2012/05/18 00:40:26 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012/05/18 00:40:26 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/05/18 00:40:26 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012/05/18 00:40:26 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2012/05/18 00:40:26 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2012/05/18 00:40:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2012/05/18 00:40:24 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012/05/18 00:40:24 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012/05/18 00:40:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/05/18 00:40:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2012/05/18 00:40:23 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2012/05/18 00:40:23 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2012/05/18 00:40:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/05/18 00:40:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/05/18 00:40:22 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2012/05/18 00:40:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2012/05/18 00:40:21 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2012/05/18 00:40:21 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2012/05/18 00:40:21 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2012/05/18 00:40:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2012/05/18 00:40:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2012/05/18 00:40:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2012/05/18 00:40:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2012/05/18 00:40:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2012/05/18 00:40:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2012/05/18 00:40:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2012/05/18 00:40:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2012/05/18 00:39:56 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2012/05/18 00:39:55 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/05/18 00:39:41 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012/05/18 00:39:35 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012/05/18 00:39:35 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012/05/18 00:38:57 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012/05/18 00:38:57 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2012/05/18 00:35:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/05/18 00:35:00 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/18 00:35:00 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/18 00:34:59 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/05/18 00:34:08 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012/05/18 00:24:31 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/13 12:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/07 14:21:25 | 000,853,862 | ---- | M] () -- C:\Users\Quintin\Desktop\SecurityCheck.exe
[2012/06/07 14:19:40 | 000,302,592 | ---- | M] () -- C:\Users\Quintin\Desktop\1jyfih6i.exe
[2012/06/07 14:11:01 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2902293576-1312171331-523581119-1000UA.job
[2012/06/07 14:09:43 | 000,628,460 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/07 14:09:43 | 000,110,612 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/07 13:52:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/07 13:44:01 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/07 13:17:08 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2902293576-1312171331-523581119-1000UA.job
[2012/06/07 05:44:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/07 01:34:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2012/06/07 00:11:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2902293576-1312171331-523581119-1000Core.job
[2012/06/06 16:17:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2902293576-1312171331-523581119-1000Core.job
[2012/06/06 11:08:29 | 000,014,320 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/06 11:08:29 | 000,014,320 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/06 11:01:06 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/06/06 11:00:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/06 11:00:54 | 1504,346,112 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/04 21:05:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Quintin\Desktop\OTL.exe
[2012/06/03 16:11:42 | 000,405,744 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/28 01:15:12 | 000,002,376 | ---- | M] () -- C:\Users\Quintin\Desktop\Google Chrome.lnk
[2012/05/28 01:11:25 | 000,002,733 | ---- | M] () -- C:\Users\Public\Desktop\Run Audiosurf.lnk
[2012/05/23 18:43:52 | 005,658,062 | ---- | M] () -- C:\Users\Quintin\Desktop\2012-05-23 06;43;52 PM.JPG
[2012/05/18 09:46:07 | 000,001,330 | ---- | M] () -- C:\Users\Quintin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2012/05/18 03:48:21 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/07 14:21:01 | 000,853,862 | ---- | C] () -- C:\Users\Quintin\Desktop\SecurityCheck.exe
[2012/06/07 14:19:40 | 000,302,592 | ---- | C] () -- C:\Users\Quintin\Desktop\1jyfih6i.exe
[2012/05/28 01:11:25 | 000,002,733 | ---- | C] () -- C:\Users\Public\Desktop\Run Audiosurf.lnk
[2012/05/23 18:43:58 | 005,658,062 | ---- | C] () -- C:\Users\Quintin\Desktop\2012-05-23 06;43;52 PM.JPG
[2012/05/18 00:41:35 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/05/18 00:40:28 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012/05/18 00:40:19 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012/04/18 01:29:31 | 000,000,264 | ---- | C] () -- C:\Windows\System32\PSUNCpl.dat
[2012/01/29 21:06:43 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011/07/12 14:02:16 | 000,232,496 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/06/09 22:53:55 | 000,032,256 | ---- | C] () -- C:\Users\Quintin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/11 22:22:35 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2011/03/31 11:14:50 | 000,007,666 | ---- | C] () -- C:\Users\Quintin\AppData\Local\Resmon.ResmonCfg
[2010/12/27 00:36:33 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll
[2010/12/25 11:06:17 | 000,409,600 | ---- | C] ( ) -- C:\Windows\System32\lxducoin.dll
[2010/12/25 11:05:21 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll
[2010/12/25 11:04:16 | 001,036,288 | ---- | C] () -- C:\Windows\System32\lxdudrs.dll
[2010/12/25 11:04:16 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxducaps.dll
[2010/12/25 11:04:16 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxducnv4.dll
[2010/12/25 11:03:58 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXDUPMON.DLL
[2010/12/25 11:03:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXDUFXPU.DLL
[2010/12/25 11:03:38 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxduoem.dll
[2010/12/25 11:01:24 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdurwrd.ini
[2010/12/25 10:59:44 | 000,446,464 | ---- | C] ( ) -- C:\Windows\System32\LXDUhcp.dll
[2010/12/25 10:59:44 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDUinst.dll
[2010/12/25 10:59:44 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2010/12/25 10:59:44 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2010/12/25 10:59:43 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2010/12/25 10:59:43 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2010/12/25 10:59:42 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2010/12/25 10:59:42 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2010/12/25 10:59:41 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2010/12/25 10:59:41 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxduih.exe
[2010/12/25 10:59:40 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll
[2010/12/25 10:59:39 | 000,589,824 | ---- | C] ( ) -- C:\Windows\System32\lxducoms.exe
[2010/12/25 10:59:38 | 000,761,856 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2010/12/25 10:59:38 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[2010/12/25 10:59:38 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxducfg.exe
[2010/12/25 00:49:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/30 03:02:00 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2010/09/30 02:53:32 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010/09/30 02:46:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2010/09/30 02:43:29 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat

========== Custom Scans ==========

< >

< %SYSTEMDRIVE%\*.* >
[2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2012/06/06 11:00:54 | 1504,346,112 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/26 13:58:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/03/26 13:58:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/06/06 11:00:55 | 2005,798,912 | -HS- | M] () -- C:\pagefile.sys
[2010/09/30 02:43:52 | 000,002,091 | ---- | M] () -- C:\RHDSetup.log
[2010/09/06 14:48:44 | 000,000,070 | -H-- | M] () -- C:\SWSTAMP.TXT

< %systemroot%\Fonts\*.com >
[2009/07/14 06:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 06:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 06:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 06:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 23:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/07/14 03:15:26 | 000,090,624 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\HPZPPWN7.DLL
[2009/10/16 14:07:25 | 000,155,648 | ---- | M] () -- C:\Windows\system32\spool\prtprocs\w32x86\lxdudrpp.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\msonpppr.dll
[2010/11/20 14:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/09/23 00:32:56 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 06:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/06/14 10:57:24 | 000,000,221 | -HS- | M] () -- C:\Users\Quintin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2012/06/07 14:19:40 | 000,302,592 | ---- | M] () -- C:\Users\Quintin\Desktop\1jyfih6i.exe
[2012/04/22 03:27:25 | 025,074,688 | ---- | M] () -- C:\Users\Quintin\Desktop\AvanquestEN_styleXP3_setup.exe
[2012/06/04 21:05:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Quintin\Desktop\OTL.exe
[2012/06/07 14:21:25 | 000,853,862 | ---- | M] () -- C:\Users\Quintin\Desktop\SecurityCheck.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-05-22 09:03:11

< End of report >

OTL Extras logfile created on: 6/4/2012 9:07:47 PM - Run 1
OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\Quintin\Downloads
Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: South Africa | Language: ENS | Date Format: yyyy/MM/dd

1.87 Gb Total Physical Memory | 0.54 Gb Available Physical Memory | 29.13% Memory free
4.48 Gb Paging File | 2.17 Gb Available in Paging File | 48.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116.44 Gb Total Space | 7.99 Gb Free Space | 6.86% Space Free | Partition Type: NTFS
Drive D: | 116.05 Gb Total Space | 32.50 Gb Free Space | 28.01% Space Free | Partition Type: NTFS
Drive G: | 45.71 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: QUINTIN-TOSH | User Name: Quintin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = Mega Zipper.CHM] -- C:\Program Files\Mega Zipper\MegaZipper.exe ()
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with Corel PaintShop Pro X4] -- "c:\Program Files\Corel\Corel PaintShop Pro X4\Corel PaintShop Pro.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01135787-E2C6-41A9-81A8-19DDC86518A1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{02C66DDA-9C51-45D1-B8B9-BD4AED634B46}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{06187ECD-DA41-40EF-83B7-69C7E0CE127B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A640062-724E-49B0-96B0-03EBF00D562C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0CF8E4CB-5022-4730-AB5F-AC11941752D0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0FEFE439-18BA-400D-AAF8-9E84BC460930}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{17CA2B85-17BF-4348-A7FF-17C24BD4EA61}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{19721F05-24CC-4D7D-91C1-489F40D54001}" = lport=137 | protocol=17 | dir=in | app=system |
"{2262A894-DCE9-48C9-83E9-0C2581731800}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2494C4A5-95E8-4D21-8512-7C24B6086C09}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{28170527-D32A-4F1E-BBEA-6B1FDE1214F4}" = rport=138 | protocol=17 | dir=out | app=system |
"{2A17DC88-00DB-4E09-96AC-4342299D76A8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2F9C0034-7976-49D2-A5FD-BE517551F75D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2FBCEDDE-3B4D-43BF-A5D4-D8B58DD878F2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3777EF9A-9A2D-48F8-94CB-597F51DA1795}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{384E0C63-CC95-4460-B1C0-700C9682B6CD}" = lport=139 | protocol=6 | dir=in | app=system |
"{3C0233D9-0E40-47E4-A46D-7B2D579E2154}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{4E19F2E8-C9BC-433E-9853-853E3C86C0F0}" = rport=139 | protocol=6 | dir=out | app=system |
"{500394C4-9EAF-441E-A8A1-2A31FE57FBE1}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{5526BACC-AB55-4A99-AEDD-FA85135A8D4F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{55FCEA31-5861-4424-AEA5-DDBA0E0E79E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5A9C67C1-F034-4A95-A95D-77723FB8FED9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6B4B29A9-FFC9-46C5-B4F8-866A0315DB17}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{700E22EF-5599-43A1-A368-9B4C58FD1CF0}" = lport=138 | protocol=17 | dir=in | app=system |
"{805FAA4A-8663-46A4-9A27-D366BD3BC3E3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{817C10A7-73DF-4105-9B07-03397E093FE6}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{93106108-6CCF-4DDE-8848-56344C142D8D}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{9BD15379-10D6-450B-8485-C4EF99DFC46A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9EDB6372-511E-4188-B80B-2E6F95C5B602}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A0394DDA-0A8B-452E-9A34-A6F05E4311B2}" = rport=445 | protocol=6 | dir=out | app=system |
"{A9416B70-45BA-4C88-AD74-6597B5FFCCBC}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{AC682A2B-F6C3-4A18-B9F5-8DC579448FFE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B0BEE259-6912-4B83-BCA5-4B9DE2D3D32B}" = lport=445 | protocol=6 | dir=in | app=system |
"{B86DA12F-F753-4F35-966A-657DEFA61D47}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BEDB64DA-7699-472A-BF2E-B1D138A81436}" = rport=137 | protocol=17 | dir=out | app=system |
"{C9B4D0C0-84A4-46A5-836B-A278D8E46F84}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CACC5310-2830-4689-AB49-FDC19AF6B831}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{E980E12D-FEEE-403D-91D7-401129AA67EB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED7744CB-A6AE-47B6-BC93-6361886BD403}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F5D3271D-4099-4625-AD11-4301ED0D4738}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07401625-A395-46AC-8702-4152A10E7BD6}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxdufax.exe |
"{0B73D069-F4EA-44D4-9A57-B60CC93F74C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0DB308D5-A545-46FE-9B19-F59FA556E1A2}" = dir=in | app=c:\program files\finalmediaplayer\fmpcheckforupdates.exe |
"{10426D28-E2AB-44F0-8EFE-8005ABE03FE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1049C1D0-25D0-46A9-8DFA-84A3D74878F3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{14140F89-11FD-46FC-B110-FF15720A20F1}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{14343B4A-ED80-42AF-8650-2150B6CF509D}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressdl.exe |
"{14B2755A-73AB-44EE-8AFA-37E481191445}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{196F4308-EE90-4D82-BED5-107C05540760}" = protocol=17 | dir=in | app=c:\program files\panda security\panda security toolbar\dtuser.exe |
"{1E16E9FF-977A-4540-90FF-653076DAB8FB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{27AE996F-1790-4D0D-96CB-D44AD3716851}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2D6CF54C-79E5-493D-9E59-FE8A69924676}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2E326984-ED59-4F52-A57E-F42E01193682}" = dir=in | app=c:\windows\system32\lxducoms.exe |
"{33EABA75-04A4-4C89-BA24-BBAE3325F193}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40A09C63-B319-4805-9C96-8D5D5AB01552}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressdl.exe |
"{4BA8912F-129A-4619-9041-4C46FA4E0613}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{4E5705CA-0659-494C-AC7E-670E8FB0BFBF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{50578F1D-C527-4F88-BF99-2F5F80A97654}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxduamon.exe |
"{50D3AE8A-621F-4B28-8F25-B5F21E5C448D}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{54603176-D49A-475D-BBB8-7EFE019347AD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{54A7DF53-2479-402A-8556-59B219040DF1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5780F51B-B3B9-44CB-933F-2A55B07817E2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5A6A5812-A226-4F3E-8985-86C73A83044B}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressfiles.exe |
"{6841832D-7B36-4512-AFE8-04A3EC434B3E}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{6F0E49F5-F863-4623-86B4-8FFF01E0AA62}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\frun.exe |
"{6F731200-1B84-48DB-AEE8-58A7A0B1C715}" = protocol=6 | dir=out | app=system |
"{7DFE9C33-92C4-4980-AE88-BA5804500207}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\supreme commander - forged alliance\bin\forgedalliance.exe |
"{7E24D740-0B6C-4FC7-BAA7-BD05B5FD7057}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{85E2E21F-A6EE-49CC-AB09-7DAE92784B69}" = dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdupswx.exe |
"{8CA9BCBB-8409-4537-829D-8B1627EA67DF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E021797-035C-4D35-B7E3-B568F1DBBA5B}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{8FD08FE3-B8DC-428D-9336-C867A92C5598}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{943F8F78-E74E-4EB9-BB6C-6F197F99F579}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{9B271E6A-5DFE-44B2-956A-42A4FC33B3F6}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxduamon.exe |
"{9B7AE2B9-A1A1-40D7-B061-A83CC6917589}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9B8E3433-8623-4A93-AC48-9E13667C9891}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9C73BAEB-12CA-497C-A4F1-86EE27F07B84}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{A71FA34C-0BEB-4720-91D5-63C145736E59}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A829BABA-19C3-48B0-B7D1-7266ACFCB675}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{B3FC731B-A098-4DFC-A478-AC075CD55027}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B6BE1ACA-8D13-4A06-BFA3-E316671114E0}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{B6FBF1A4-959F-4925-BCE5-68EFEC48DC31}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\frun.exe |
"{B7C6A25F-3275-4B9F-95DB-6CF03CF6925E}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{BA1281A6-33AD-4F55-BB8B-CAE4C9963EF0}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{BDBDE87C-52B7-4913-B451-AAB6488A471E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C4A1C260-8D28-4EFA-9C50-4084BA2CFEB4}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{C8C067CC-73CB-441F-845F-CD52867DAD79}" = protocol=6 | dir=in | app=c:\program files\panda security\panda security toolbar\dtuser.exe |
"{CBADB54F-C408-474E-B4DF-EE82239925C4}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressfiles.exe |
"{D6CC3FED-FA3C-465A-8D2B-DBFE16F853DE}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{D71FCED3-01B4-4CE7-94AB-6926D55598B3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D7559EF5-EB1D-4D0A-BE28-18E08E9DEB7D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DC6A3DA8-1759-4342-8609-B53810600680}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4D80952-BDBC-4D0E-AE6C-E430174762DE}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxdufax.exe |
"{E7F87FE1-9588-40A4-AC9D-8E71202F03D2}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{F2EF0122-F62F-4982-B775-547B02E662A3}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{F6070A06-DA55-41C1-B67E-DF2FD2C17CE7}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{F89F8123-256A-4133-86EE-D0C3D7E049E2}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\supreme commander - forged alliance\bin\forgedalliance.exe |
"{FD03FFE7-A629-4324-95B5-C5E12C711CDF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FD074AFE-CA4E-4E9F-8253-AF1AA2D66F65}" = dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdutime.exe |
"{FE86E910-7A01-494F-8133-51B401A90116}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FF2EE454-1FFC-4A88-95CE-B5C10E411025}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"TCP Query User{2994D67A-1A02-40A2-8CA7-F759F01196AE}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"TCP Query User{48B4EB3A-F9B2-4964-B30C-ED6A0BCC41BD}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{5F66E5F3-84FF-43AC-82A6-7FD0DA37D963}D:\documents\documents\my games\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\documents\documents\my games\tmnationsforever\tmforever.exe |
"TCP Query User{6CC808FB-0800-4A37-8A0E-4BE8CEA33CD4}C:\program files\youwave_android\vb\vboxsdl.exe" = protocol=6 | dir=in | app=c:\program files\youwave_android\vb\vboxsdl.exe |
"TCP Query User{9FED2234-C510-45B7-8D39-548D0E40CE99}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{A08D3507-FCB9-495A-BEB0-A88E73683123}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"UDP Query User{12EF967D-CB64-472E-A1F6-42DD84D86171}C:\program files\youwave_android\vb\vboxsdl.exe" = protocol=17 | dir=in | app=c:\program files\youwave_android\vb\vboxsdl.exe |
"UDP Query User{42188C46-D454-43C1-A880-C91AD2F275D2}D:\documents\documents\my games\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\documents\documents\my games\tmnationsforever\tmforever.exe |
"UDP Query User{465D625A-56AB-4688-AFC6-D98BEF7E3F6B}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{541EFEC7-CEE1-4C43-BAFA-AED6ACABFD89}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"UDP Query User{86D266CD-7293-45B5-9A78-C56E9F6FBB40}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{ECF86312-A315-49DE-BF3F-1462B8EC36AC}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{00580795-581C-4587-B9F2-37320D7AB37F}" = Corel PaintShop Pro X4
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00580795-581C-4587-B9F2-37320D7AB37F}" = ICA
"{006CAAEF-CA96-4181-AC22-FE56D61432E4}" = PSPPContent
"{00AE1A2D-7BC2-4359-A0EC-E19F36E391BB}" = Corel PaintShop Pro X4
"{00BEE329-BAAB-49FF-9B66-55E4B12B9ADD}" = IPM_PSP_COM
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{00D13418-7DDF-4D3D-A237-E297B103BB6B}" = Setup
"{00D74A7A-F7AD-4D00-ABD2-0973836292C7}" = PSPPHelp
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2AEC19D2-037B-4099-9AE0-267CAD0B522C}" = YouTube Downloader Toolbar v5.8
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{31D95937-B237-405D-920C-A3EF4E482395}" = Supreme Commander - Forged Alliance
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3FBB191D-9DAA-452C-A2FA-5BADBB542DB1}" = BlackBerry Device Software v6.0.0 for the BlackBerry 9780 smartphone
"{410F24C4-ACD8-411B-9F9A-991E0AAE760C}" = Carbide.ui Theme Edition 3.4
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{52EFF266-98B7-4094-BD24-65490ED8E45D}" = Facebook Messenger 2.1.4520.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58E9B9AD-2E6D-49A8-80F3-215B6607E3C9}" = BlackBerry Device Software v5.0.0 for the BlackBerry 8520 smartphone
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galactic Adventures
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6a4c236b-070e-410f-8a30-c25d7eaf56bf}" = Nero 9 Essentials
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{85EBB283-65AF-4C53-9EBE-7C0A232762F7}" = AGEIA PhysX v7.03.21
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8944B5A2-A948-4BA2-9A14-B094EB23D779}" = SOTI Pocket Controller-Pro For BlackBerry
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}" = TOSHIBA ReelTime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}" = Photo Service - powered by myphotobook
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.co.uk
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}" = TOSHIBA Bulletin Board
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Creepy & Cute Parts Pack
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kane's Wrath
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7B3493D-766C-40AA-9AA9-053B896D76DE}" = Angry Birds Rio
"{DBB7021A-3437-446F-ACE5-7261644A972C}" = Toshiba TEMPRO
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0FAA369-B0E3-48B8-9447-4873103B0012}" = TOSHIBA ConfigFree
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}" = BlackBerry Desktop Software 5.0
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{F8C8FC80-E542-11D3-8F7F-009027591AA8}" = CMN
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FDE58148-57E7-43BF-879A-29CCE818C078}" = eBay
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"BlackBerry_{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}" = BlackBerry Desktop Software 5.0
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Cheatbook Database 2011" = Cheatbook Database 2011
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows Driver Package - Nokia Modem (06/01/2009 4.1)
"Easy GIF Animator_is1" = Easy GIF Animator 5.3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)
"FinalMediaPlayer_is1" = Final Media Player 2011
"Insane Uninstall" = Insane
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}" = TOSHIBA ReelTime
"InstallShield_{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}" = TOSHIBA Bulletin Board
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Lexmark 5600-6600 Series" = Lexmark 5600-6600 Series
"MatlabR2007a" = MATLAB Student R2007a
"Mega Zipper" = Mega Zipper 1.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Nokia PC Suite" = Nokia PC Suite
"OpenAL" = OpenAL
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"Panda Security URL Filtering" = Panda Security URL Filtering
"pandasecuritytb" = Panda Security Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Texas Holdem Poker 3D Deluxe Edition DeLEGiON_is1" = Texas Holdem Poker 3D Deluxe Edition v1 0 DeLEGiON
"Toolbar Cleaner" = Toolbar Cleaner 1.0
"TOSHIBA Game Console" = WildTangent ORB Game Console
"Trusted Software Assistant_is1" = File Type Assistant
"VLC media player" = VLC media player 1.1.5
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Worms Reloaded_is1" = Worms Reloaded with Update 10
"WT083877" = Chuzzle Deluxe
"WT083890" = Zuma Deluxe
"WT083910" = Jewel Quest II
"WT083916" = Diner Dash 2 Restaurant Rescue
"WT083925" = Plants vs. Zombies
"WT083929" = Bejeweled 2 Deluxe
"WT083945" = FATE
"WT083958" = Penguins!
"WT083959" = Polar Bowler
"YouWave" = YouWave for Android

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = GameXN GO
"Google Chrome" = Google Chrome
"RewardsArcadeSuite" = RewardsArcadeSuite

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/3/2012 7:17:06 PM | Computer Name = Quintin-TOSH | Source = Google Update | ID = 20
Description =

Error - 6/3/2012 7:28:29 PM | Computer Name = Quintin-TOSH | Source = Application Error | ID = 1000
Description = Faulting application name: sidebar.exe, version: 6.1.7601.17514, time
stamp: 0x4ce79791 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec49b60 Exception code: 0xc0000005 Fault offset: 0x00055fa8 Faulting process
id: 0x1564 Faulting application start time: 0x01cd4192ef01b34a Faulting application
path: C:\Program Files\Windows Sidebar\sidebar.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: d2aa1eb8-add3-11e1-b248-88ae1ded36b7

Error - 6/3/2012 10:17:06 PM | Computer Name = Quintin-TOSH | Source = Google Update | ID = 20
Description =

Error - 6/4/2012 1:17:06 AM | Computer Name = Quintin-TOSH | Source = Google Update | ID = 20
Description =

Error - 6/4/2012 4:35:12 AM | Computer Name = Quintin-TOSH | Source = Application Error | ID = 1000
Description = Faulting application name: sidebar.exe, version: 6.1.7601.17514, time
stamp: 0x4ce79791 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec49b60 Exception code: 0xc0000005 Fault offset: 0x0005a5d5 Faulting process
id: 0x978 Faulting application start time: 0x01cd41e09e323de0 Faulting application
path: C:\Program Files\Windows Sidebar\sidebar.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 32c29ec5-ae20-11e1-b248-88ae1ded36b7

Error - 6/4/2012 5:44:05 AM | Computer Name = Quintin-TOSH | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: SHELL32.dll, version: 6.1.7601.17755,
time stamp: 0x4f0412de Exception code: 0xc0000005 Fault offset: 0x0027cdc0 Faulting
process id: 0x1e70 Faulting application start time: 0x01cd41a1971a4023 Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\system32\SHELL32.dll
Report
Id: d25f586b-ae29-11e1-b248-88ae1ded36b7

Error - 6/4/2012 7:17:06 AM | Computer Name = Quintin-TOSH | Source = Google Update | ID = 20
Description =

Error - 6/4/2012 7:49:52 AM | Computer Name = Quintin-TOSH | Source = Application Error | ID = 1000
Description = Faulting application name: explorer.exe, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: SHELL32.dll, version: 6.1.7601.17755,
time stamp: 0x4f0412de Exception code: 0xc0000005 Fault offset: 0x0027cdc0 Faulting
process id: 0x1948 Faulting application start time: 0x01cd4236a1cd3f57 Faulting application
path: C:\Windows\explorer.exe Faulting module path: C:\Windows\system32\SHELL32.dll
Report
Id: 6492518e-ae3b-11e1-b248-88ae1ded36b7

Error - 6/4/2012 7:50:12 AM | Computer Name = Quintin-TOSH | Source = Application Error | ID = 1000
Description = Faulting application name: explorer.exe, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: SHELL32.dll, version: 6.1.7601.17755,
time stamp: 0x4f0412de Exception code: 0xc0000005 Fault offset: 0x0027cdc0 Faulting
process id: 0x1728 Faulting application start time: 0x01cd42482e3fbced Faulting application
path: C:\Windows\explorer.exe Faulting module path: C:\Windows\system32\SHELL32.dll
Report
Id: 708f089b-ae3b-11e1-b248-88ae1ded36b7

Error - 6/4/2012 2:21:42 PM | Computer Name = Quintin-TOSH | Source = Application Error | ID = 1000
Description = Faulting application name: explorer.exe, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: contmenu.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4ce3db9d Exception code: 0xc0000005 Fault offset: 0x05dd1de4 Faulting
process id: 0x104c Faulting application start time: 0x01cd4248352cfb1b Faulting application
path: C:\Windows\explorer.exe Faulting module path: contmenu.dll Report Id: 21cde648-ae72-11e1-b248-88ae1ded36b7

[ System Events ]
Error - 9/7/2011 6:12:14 AM | Computer Name = Quintin-TOSH | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/7/2011 6:27:56 AM | Computer Name = Quintin-TOSH | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/7/2011 6:33:40 AM | Computer Name = Quintin-TOSH | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/7/2011 6:49:40 AM | Computer Name = Quintin-TOSH | Source = Service Control Manager | ID = 7023
Description = The Panda On-Access Anti-Malware Service service terminated with the
following error: %%1

Error - 9/7/2011 4:23:22 PM | Computer Name = Quintin-TOSH | Source = DCOM | ID = 10016
Description =

Error - 9/7/2011 4:28:01 PM | Computer Name = Quintin-TOSH | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/7/2011 4:29:16 PM | Computer Name = Quintin-TOSH | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/7/2011 4:29:23 PM | Computer Name = Quintin-TOSH | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/7/2011 5:32:33 PM | Computer Name = Quintin-TOSH | Source = WMPNetworkSvc | ID = 866331
Description =

Error - 9/8/2011 1:19:34 PM | Computer Name = Quintin-TOSH | Source = DCOM | ID = 10016
Description =

< End of report >

Here is the Gmer log

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-07 20:16:52
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GH10
Running: 1jyfih6i.exe; Driver: C:\Users\Quintin\AppData\Local\Temp\fxriipow.sys

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 832943C9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 832CDD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? System32\Drivers\spir.sys The system cannot find the path specified. !
.text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x8939C000, 0x3C849, 0xE8000020]
.dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x893E1000, 0x3DC, 0x48000040]
.text USBPORT.SYS!DllUnload 8EA61DB9 5 Bytes JMP 86DAF4E0
.text a982vsmn.SYS 9073B000 12 Bytes [44, 48, 22, 83, EE, 46, 22, ...]
.text a982vsmn.SYS 9073B00D 9 Bytes [27, 22, 83, 48, 4B, 22, 83, ...] {DAA ; AND AL, [EBX-0x7cddb4b8]; ADD [EAX], AL}
.text a982vsmn.SYS 9073B017 170 Bytes [00, DE, D7, F8, 83, E6, D5, ...]
.text a982vsmn.SYS 9073B0C3 8 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text a982vsmn.SYS 9073B0CE 4 Bytes [00, 00, 00, 00] {ADD [EAX], AL; ADD [EAX], AL}
.text ...
PAGE spsys.sys!?SPRevision@@3PADA + 4F90 BC056000 86 Bytes [8B, FF, 55, 8B, EC, 33, C0, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 4FE7 BC056057 203 Bytes [5E, C3, 8B, FF, 55, 8B, EC, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 50B3 BC056123 567 Bytes [15, 05, BC, FE, 05, 34, 15, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 52EB BC05635B 61 Bytes [33, C5, 89, 45, FC, 8B, 45, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 5329 BC056399 101 Bytes [6A, 28, 59, A5, 5E, C6, 03, ...]
PAGE ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[740] kernel32.dll!CreateThread 76D4DCC2 5 Bytes JMP 689F72FB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] ADVAPI32.dll!RegSetValueExW 759114D6 6 Bytes JMP 686313AD C:\Program Files\Common Files\Spigot\Search Settings\wth.dll (WTH Dynamic Link Library/Spigot, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!EnableWindow 76968D02 5 Bytes JMP 68A39A14 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!GetAsyncKeyState 7696A256 5 Bytes JMP 689DDD9D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!CallNextHookEx 7696ABE1 5 Bytes JMP 68A57BB7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!UnhookWindowsHookEx 7696ADF9 5 Bytes JMP 68A7EB10 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!DefWindowProcA 7696BB1C 7 Bytes JMP 689F9525 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!CreateWindowExA 7696BF40 5 Bytes JMP 68A0335B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!SetWindowsHookExW 7696E30C 5 Bytes JMP 68A32194 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!CreateWindowExW 7696EC7C 5 Bytes JMP 68A5FF8F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!GetKeyState 76972B4D 5 Bytes JMP 689DDC73 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!IsDialogMessageW 76974104 5 Bytes JMP 68B86EDD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!DefWindowProcW 7697507D 7 Bytes JMP 68A57C1A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!CreateDialogParamA 76981F42 5 Bytes JMP 68B86740 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!IsDialogMessage 76982019 5 Bytes JMP 68B86EB5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!DialogBoxParamW 76983B9B 5 Bytes JMP 6899170B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!CreateDialogIndirectParamA 7698721D 5 Bytes JMP 68B867B0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!CreateDialogIndirectParamW 7698EA10 5 Bytes JMP 68B867E8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!DialogBoxIndirectParamW 76993B7F 5 Bytes JMP 68B8640E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!EndDialog 76993BA3 5 Bytes JMP 68B87189 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!CreateDialogParamW 76995630 5 Bytes JMP 68B86778 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!SetKeyboardState 7699695A 5 Bytes JMP 68B877A5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!SendInput 76997019 5 Bytes JMP 68B8774D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!SetCursorPos 769AC1B0 5 Bytes JMP 68B87826 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!DialogBoxParamA 769ACF42 5 Bytes JMP 68B863A9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!DialogBoxIndirectParamA 769AD274 5 Bytes JMP 68B86473 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!MessageBoxIndirectA 769BE869 5 Bytes JMP 68B86330 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!MessageBoxIndirectW 769BE963 5 Bytes JMP 68B862B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!MessageBoxExA 769BE9C9 5 Bytes JMP 68B86253 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!MessageBoxExW 769BE9ED 5 Bytes JMP 68B861EF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] USER32.dll!keybd_event 769BEC3B 5 Bytes JMP 68B8770A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] SHELL32.dll!RealDriveType + 173D 75C0FDD0 4 Bytes [CF, 01, C8, 5D] {IRET ; ADD EAX, ECX; POP EBP}
.text C:\Program Files\Internet Explorer\iexplore.exe[740] SHELL32.dll!RealDriveType + 1745 75C0FDD8 8 Bytes [E0, 61, C7, 5D, 79, F7, C7, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[740] ole32.dll!OleLoadFromStream 76DE6143 5 Bytes JMP 68B86BE7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[740] WS2_32.dll!WSASend 76CC4406 6 Bytes JMP 719D0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[740] WS2_32.dll!WSALookupServiceNextW 76CC4CBC 6 Bytes JMP 71A90F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[740] WS2_32.dll!WSALookupServiceEnd 76CC5239 6 Bytes JMP 71A60F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[740] WS2_32.dll!WSALookupServiceBeginW 76CC575A 6 Bytes JMP 71AF0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[740] WS2_32.dll!recv 76CC6B0E 6 Bytes JMP 71A00F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[740] WS2_32.dll!send 76CC6F01 6 Bytes JMP 71A30F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[740] WS2_32.dll!WSARecv 76CC7089 6 Bytes JMP 719A0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[740] WS2_32.dll!WSAGetOverlappedResult 76CC7489 6 Bytes JMP 71970F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] kernel32.dll!CreateThread 76D4DCC2 5 Bytes JMP 689F72FB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] ADVAPI32.dll!RegSetValueExW 759114D6 6 Bytes JMP 686313AD C:\Program Files\Common Files\Spigot\Search Settings\wth.dll (WTH Dynamic Link Library/Spigot, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!EnableWindow 76968D02 5 Bytes JMP 68A39A14 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!GetAsyncKeyState 7696A256 5 Bytes JMP 689DDD9D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!CallNextHookEx 7696ABE1 5 Bytes JMP 68A57BB7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!UnhookWindowsHookEx 7696ADF9 5 Bytes JMP 68A7EB10 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!DefWindowProcA 7696BB1C 7 Bytes JMP 689F9525 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!CreateWindowExA 7696BF40 5 Bytes JMP 68A0335B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!SetWindowsHookExW 7696E30C 5 Bytes JMP 68A32194 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!CreateWindowExW 7696EC7C 5 Bytes JMP 68A5FF8F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!GetKeyState 76972B4D 5 Bytes JMP 689DDC73 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!IsDialogMessageW 76974104 5 Bytes JMP 68B86EDD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!DefWindowProcW 7697507D 7 Bytes JMP 68A57C1A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!CreateDialogParamA 76981F42 5 Bytes JMP 68B86740 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!IsDialogMessage 76982019 5 Bytes JMP 68B86EB5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!DialogBoxParamW 76983B9B 5 Bytes JMP 6899170B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!CreateDialogIndirectParamA 7698721D 5 Bytes JMP 68B867B0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!CreateDialogIndirectParamW 7698EA10 5 Bytes JMP 68B867E8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!DialogBoxIndirectParamW 76993B7F 5 Bytes JMP 68B8640E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!EndDialog 76993BA3 5 Bytes JMP 68B87189 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!CreateDialogParamW 76995630 5 Bytes JMP 68B86778 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!SetKeyboardState 7699695A 5 Bytes JMP 68B877A5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!SendInput 76997019 5 Bytes JMP 68B8774D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!SetCursorPos 769AC1B0 5 Bytes JMP 68B87826 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!DialogBoxParamA 769ACF42 5 Bytes JMP 68B863A9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!DialogBoxIndirectParamA 769AD274 5 Bytes JMP 68B86473 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!MessageBoxIndirectA 769BE869 5 Bytes JMP 68B86330 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!MessageBoxIndirectW 769BE963 5 Bytes JMP 68B862B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!MessageBoxExA 769BE9C9 5 Bytes JMP 68B86253 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!MessageBoxExW 769BE9ED 5 Bytes JMP 68B861EF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] USER32.dll!keybd_event 769BEC3B 5 Bytes JMP 68B8770A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] SHELL32.dll!RealDriveType + 173D 75C0FDD0 4 Bytes [CF, 01, C8, 5D] {IRET ; ADD EAX, ECX; POP EBP}
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] SHELL32.dll!RealDriveType + 1745 75C0FDD8 8 Bytes [E0, 61, C7, 5D, 79, F7, C7, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] ole32.dll!OleLoadFromStream 76DE6143 5 Bytes JMP 68B86BE7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] WS2_32.dll!WSASend 76CC4406 6 Bytes JMP 719D0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] WS2_32.dll!WSALookupServiceNextW 76CC4CBC 6 Bytes JMP 71A90F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] WS2_32.dll!WSALookupServiceEnd 76CC5239 6 Bytes JMP 71A60F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] WS2_32.dll!WSALookupServiceBeginW 76CC575A 6 Bytes JMP 71AF0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] WS2_32.dll!recv 76CC6B0E 6 Bytes JMP 71A00F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] WS2_32.dll!send 76CC6F01 6 Bytes JMP 71A30F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] WS2_32.dll!WSARecv 76CC7089 6 Bytes JMP 719A0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[3876] WS2_32.dll!WSAGetOverlappedResult 76CC7489 6 Bytes JMP 71970F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] kernel32.dll!CreateThread 76D4DCC2 5 Bytes JMP 689F72FB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] ADVAPI32.dll!RegSetValueExW 759114D6 6 Bytes JMP 686313AD C:\Program Files\Common Files\Spigot\Search Settings\wth.dll (WTH Dynamic Link Library/Spigot, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!EnableWindow 76968D02 5 Bytes JMP 68A39A14 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!GetAsyncKeyState 7696A256 5 Bytes JMP 689DDD9D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!CallNextHookEx 7696ABE1 5 Bytes JMP 68A57BB7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!UnhookWindowsHookEx 7696ADF9 5 Bytes JMP 68A7EB10 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!DefWindowProcA 7696BB1C 7 Bytes JMP 689F9525 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!CreateWindowExA 7696BF40 5 Bytes JMP 68A0335B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!SetWindowsHookExW 7696E30C 5 Bytes JMP 68A32194 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!CreateWindowExW 7696EC7C 5 Bytes JMP 68A5FF8F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!GetKeyState 76972B4D 5 Bytes JMP 689DDC73 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!IsDialogMessageW 76974104 5 Bytes JMP 68B86EDD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!DefWindowProcW 7697507D 7 Bytes JMP 68A57C1A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!CreateDialogParamA 76981F42 5 Bytes JMP 68B86740 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!IsDialogMessage 76982019 5 Bytes JMP 68B86EB5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!DialogBoxParamW 76983B9B 5 Bytes JMP 6899170B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!CreateDialogIndirectParamA 7698721D 5 Bytes JMP 68B867B0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!CreateDialogIndirectParamW 7698EA10 5 Bytes JMP 68B867E8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!DialogBoxIndirectParamW 76993B7F 5 Bytes JMP 68B8640E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!EndDialog 76993BA3 5 Bytes JMP 68B87189 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!CreateDialogParamW 76995630 5 Bytes JMP 68B86778 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!SetKeyboardState 7699695A 5 Bytes JMP 68B877A5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!SendInput 76997019 5 Bytes JMP 68B8774D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!SetCursorPos 769AC1B0 5 Bytes JMP 68B87826 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!DialogBoxParamA 769ACF42 5 Bytes JMP 68B863A9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!DialogBoxIndirectParamA 769AD274 5 Bytes JMP 68B86473 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!MessageBoxIndirectA 769BE869 5 Bytes JMP 68B86330 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!MessageBoxIndirectW 769BE963 5 Bytes JMP 68B862B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!MessageBoxExA 769BE9C9 5 Bytes JMP 68B86253 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!MessageBoxExW 769BE9ED 5 Bytes JMP 68B861EF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] USER32.dll!keybd_event 769BEC3B 5 Bytes JMP 68B8770A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] SHELL32.dll!RealDriveType + 173D 75C0FDD0 4 Bytes [CF, 01, C8, 5D] {IRET ; ADD EAX, ECX; POP EBP}
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] SHELL32.dll!RealDriveType + 1745 75C0FDD8 8 Bytes [E0, 61, C7, 5D, 79, F7, C7, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] ole32.dll!OleLoadFromStream 76DE6143 5 Bytes JMP 68B86BE7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] WS2_32.dll!WSASend 76CC4406 6 Bytes JMP 719D0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] WS2_32.dll!WSALookupServiceNextW 76CC4CBC 6 Bytes JMP 71A90F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] WS2_32.dll!WSALookupServiceEnd 76CC5239 6 Bytes JMP 71A60F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] WS2_32.dll!WSALookupServiceBeginW 76CC575A 6 Bytes JMP 71AF0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] WS2_32.dll!recv 76CC6B0E 6 Bytes JMP 71A00F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] WS2_32.dll!send 76CC6F01 6 Bytes JMP 71A30F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] WS2_32.dll!WSARecv 76CC7089 6 Bytes JMP 719A0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5444] WS2_32.dll!WSAGetOverlappedResult 76CC7489 6 Bytes JMP 71970F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] ADVAPI32.dll!RegSetValueExW 759114D6 6 Bytes JMP 686313AD C:\Program Files\Common Files\Spigot\Search Settings\wth.dll (WTH Dynamic Link Library/Spigot, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] ADVAPI32.dll!RegSetValueW 7592A68A 6 Bytes JMP 6863138A C:\Program Files\Common Files\Spigot\Search Settings\wth.dll (WTH Dynamic Link Library/Spigot, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!EnableWindow 76968D02 5 Bytes JMP 68A39A14 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxParamW 76983B9B 5 Bytes JMP 6899170B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxIndirectParamW 76993B7F 5 Bytes JMP 68B8640E C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxParamA 769ACF42 5 Bytes JMP 68B863A9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!DialogBoxIndirectParamA 769AD274 5 Bytes JMP 68B86473 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxIndirectA 769BE869 5 Bytes JMP 68B86330 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxIndirectW 769BE963 5 Bytes JMP 68B862B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxExA 769BE9C9 5 Bytes JMP 68B86253 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] USER32.dll!MessageBoxExW 769BE9ED 5 Bytes JMP 68B861EF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] WS2_32.dll!WSASend 76CC4406 6 Bytes JMP 719D0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] WS2_32.dll!WSALookupServiceNextW 76CC4CBC 6 Bytes JMP 71A90F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] WS2_32.dll!WSALookupServiceEnd 76CC5239 6 Bytes JMP 71A60F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] WS2_32.dll!WSALookupServiceBeginW 76CC575A 6 Bytes JMP 71AF0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] WS2_32.dll!recv 76CC6B0E 6 Bytes JMP 71A00F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] WS2_32.dll!send 76CC6F01 6 Bytes JMP 71A30F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] WS2_32.dll!WSARecv 76CC7089 6 Bytes JMP 719A0F5A
.text C:\Program Files\Internet Explorer\iexplore.exe[5708] WS2_32.dll!WSAGetOverlappedResult 76CC7489 6 Bytes JMP 71970F5A

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 855AF1F8
Device \Driver\sptd \Device\479209999 spir.sys

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

Device \Driver\volmgr \Device\VolMgrControl 855A91F8
Device \Driver\usbuhci \Device\USBPDO-0 870971F8
Device \Driver\usbuhci \Device\USBPDO-1 870971F8
Device \Driver\usbuhci \Device\USBPDO-2 870971F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{C576D608-FCE8-433E-9BBE-024AD25D8CE6} 870521F8
Device \Driver\usbehci \Device\USBPDO-3 87095500
Device \Driver\NetBT \Device\NetBT_Tcpip_{82F758C1-1400-463C-9304-3EA43904D164} 870521F8
Device \Driver\usbuhci \Device\USBPDO-4 870971F8
Device \Driver\usbuhci \Device\USBPDO-5 870971F8
Device \Driver\usbuhci \Device\USBPDO-6 870971F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{C2946C71-E83C-4A67-8AF6-1E73E80ABBD7} 870521F8
Device \Driver\volmgr \Device\HarddiskVolume1 855A91F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\usbehci \Device\USBPDO-7 87095500
Device \Driver\volmgr \Device\HarddiskVolume2 855A91F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom0 86FB71F8
Device \Driver\iaStor \Device\Ide\iaStor0 [88ECE360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [88ECE360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-1 [88ECE360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\volmgr \Device\HarddiskVolume3 855A91F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom1 86FB71F8
Device \Driver\PCI_PNP9996 \Device\00000066 spir.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{49B0D569-8DCA-40DB-A6A4-092666179C7D} 870521F8
Device \Driver\cdrom \Device\CdRom3 86FB71F8
Device \Driver\volmgr \Device\HarddiskVolume5 855A91F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\NetBT \Device\NetBt_Wins_Export 870521F8
Device \Driver\USBSTOR \Device\000000b6 8574E1F8
Device \Driver\USBSTOR \Device\000000b8 8574E1F8
Device \Driver\USBSTOR \Device\000000b9 8574E1F8
Device \Driver\ACPI_HAL \Device\0000005d halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-0 870971F8
Device \Driver\usbuhci \Device\USBFDO-1 870971F8
Device \Driver\usbuhci \Device\USBFDO-2 870971F8
Device \Driver\usbehci \Device\USBFDO-3 87095500
Device \Driver\usbuhci \Device\USBFDO-4 870971F8
Device \Driver\usbuhci \Device\USBFDO-5 870971F8
Device \Driver\usbuhci \Device\USBFDO-6 870971F8
Device \Driver\usbehci \Device\USBFDO-7 87095500
Device \Driver\a982vsmn \Device\Scsi\a982vsmn1Port1Path0Target1Lun0 871BA1F8
Device \Driver\a982vsmn \Device\Scsi\a982vsmn1 871BA1F8
Device \FileSystem\cdfs \Cdfs 85B161F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{98100F84-777D-44FB-8996-727230044E35}\Connection@Name isatap.{C576D608-FCE8-433E-9BBE-024AD25D8CE6}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Bind \Device\{70E5B282-8A83-443A-AE30-6D03413D606D}?\Device\{946B9FAF-2D12-46DD-926B-982DDC7476B6}?\Device\{8295242D-CF69-4B7F-B48D-4BD0B47A5AE7}?\Device\{98100F84-777D-44FB-8996-727230044E35}?\Device\{3E59842C-4D5A-432B-9F0C-73A11DF9888A}?\Device\{8D4A06B3-746E-41E4-BED6-E2DA097CF855}?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Route "{70E5B282-8A83-443A-AE30-6D03413D606D}"?"{946B9FAF-2D12-46DD-926B-982DDC7476B6}"?"{8295242D-CF69-4B7F-B48D-4BD0B47A5AE7}"?"{98100F84-777D-44FB-8996-727230044E35}"?"{3E59842C-4D5A-432B-9F0C-73A11DF9888A}"?"{8D4A06B3-746E-41E4-BED6-E2DA097CF855}"?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Export \Device\TCPIP6TUNNEL_{70E5B282-8A83-443A-AE30-6D03413D606D}?\Device\TCPIP6TUNNEL_{946B9FAF-2D12-46DD-926B-982DDC7476B6}?\Device\TCPIP6TUNNEL_{8295242D-CF69-4B7F-B48D-4BD0B47A5AE7}?\Device\TCPIP6TUNNEL_{98100F84-777D-44FB-8996-727230044E35}?\Device\TCPIP6TUNNEL_{3E59842C-4D5A-432B-9F0C-73A11DF9888A}?\Device\TCPIP6TUNNEL_{8D4A06B3-746E-41E4-BED6-E2DA097CF855}?
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{98100F84-777D-44FB-8996-727230044E35}@InterfaceName isatap.{C576D608-FCE8-433E-9BBE-024AD25D8CE6}
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{98100F84-777D-44FB-8996-727230044E35}@ReusableType 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xB2 0xCB 0xCE 0xEC ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xFC 0x6F 0x47 0x10 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x55 0xB6 0x72 0x1C ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xE4 0x20 0x24 0xC1 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xB2 0xCB 0xCE 0xEC ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xFC 0x6F 0x47 0x10 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x55 0xB6 0x72 0x1C ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xE4 0x20 0x24 0xC1 ...

---- EOF - GMER 1.0.15 ----

And last but not least the security checker log

Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Panda Cloud Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
McAfee SiteAdvisor
Toolbar Cleaner 1.0
Java™ 6 Update 31
Java version out of date!
Adobe Reader X (10.1.2)
Google Chrome 19.0.1084.46
Google Chrome 19.0.1084.52
````````Process Check: objlist.exe by Laurent````````
Panda Security Panda Cloud Antivirus PSANHost.exe
Panda Security Panda Cloud Antivirus PSUNMain.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

Hope this helps, thank you very much

QRAyres

#5 Conspire

SuperHelper

Retired Classroom Teacher
5,806 posts

Posted 07 June 2012 - 09:34 PM

I don't see anything significant in the log. Your hard disk seems to have reached a critically low level. Have you ever considered upgrading your HDD?

Download TFC to your desktop

Close any open windows.
Double click the TFC icon to run the program
TFC will close all open programs itself in order to run,
Click the Start button to begin the process.
Allow TFC to run uninterrupted.
The program should not take long to finish it's job
Once its finished it should automatically reboot your machine,
if it doesn't, manually reboot to ensure a complete clean

===================================================

ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan

Note: If you are using Windows Vista/7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.

Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
Click the button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on to download the ESET Smart Installer. Save it to your desktop.
- Double click on the icon on your desktop.
Check
Click the button.
Accept any security warnings from your browser.
Check
Make sure that the option "Remove found threats" is Unchecked
Push the Start button.
ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time.
When the scan completes, push
Push , and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
Push the Back button.
Select Uninstall application on close check box and push

===================================================

Malwarebytes' Anti-Malware
Download Malwarebytes' Anti-Malware here and save to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program. (Note to Vista users, please right-click and select Run as Administrator.)
At the end, be sure a checkmark is placed next to:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
Then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please copy and paste the log back into your next reply

Note:

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Or via the Logs tab when Malwarebytes' Anti-Malware is started.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware.

===================================================

On your next reply please post :
ESET log
MBAM log

Please STOP and let me know if you have any problems in performing with the steps above or any questions you may have.

Good Day!

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may

#6 Squirrel1693

Authentic Member

Authentic Member
20 posts

Posted 08 June 2012 - 06:39 PM

[u]Eset Log[/u]

C:\Users\Quintin\Documents\Bluetooth\Inbox\DownloadManagerSetup.exe a variant of Win32/SweetIM.B application
C:\Users\Quintin\Downloads\FinalMediaPlayer2011Setup.exe a variant of Win32/InstallIQ application
C:\Users\Quintin\Downloads\softline_pastel_xpress_downloader_340.exe a variant of Win32/ExpressFiles application
C:\Users\Quintin\Downloads\SoftonicDownloader_for_deskbot.exe Win32/SoftonicDownloader.D application
C:\Users\Quintin\Downloads\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}.rar multiple threats
C:\Users\Quintin\Downloads\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}\YouTube HD Video DownloaderSetup 3.5 .exe a variant of Win32/Toolbar.Widgi application
C:\Windows\Installer\28bcd425.msi a variant of Win32/Toolbar.Widgi application
D:\Documents\Documents\My Games\Harry Potter and the Half-Blood Prince\rzr-hpbp.iso probably a variant of Win32/Hupigon.NPYNBMO trojan

MBAM Log

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.08.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Quintin :: QUINTIN-TOSH [administrator]

Protection: Enabled

2012/06/09 01:36:19 AM
mbam-log-2012-06-09 (01-36-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210510
Time elapsed: 8 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\Software\Cr_Installer\1950 (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NvCplDaemonTool (Trojan.Agent.WIMP) -> Data: rundll32.exe C:\Users\Quintin\eqload06.dll,_IWMPEvents -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Quintin\Downloads\SoftonicDownloader_for_deskbot.exe (PUP.ToolbarDownloader) -> Quarantined and deleted successfully.
C:\Users\Quintin\Downloads\FinalMediaPlayer2011Setup.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.

(end)

Thank you.

QRAyres

#7 Conspire

SuperHelper

Retired Classroom Teacher
5,806 posts

Posted 08 June 2012 - 10:04 PM

Run OTL.exe

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

:Files
C:\Users\Quintin\Documents\Bluetooth\Inbox\DownloadManagerSetup.exe
C:\Users\Quintin\Downloads\FinalMediaPlayer2011Setup.exe
C:\Users\Quintin\Downloads\softline_pastel_xpress_downloader_340.exe
C:\Users\Quintin\Downloads\SoftonicDownloader_for_deskbot.exe
C:\Users\Quintin\Downloads\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}.rar
C:\Users\Quintin\Downloads\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}\YouTube HD Video DownloaderSetup 3.5 .exe
C:\Windows\Installer\28bcd425.msi
D:\Documents\Documents\My Games\Harry Potter and the Half-Blood Prince\rzr-hpbp.iso

:Commands
[CLEARALLRESTOREPOINTS]

Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
Then post Fix OTL log as well as a new OTL log by rerunning it after reboot without custom scans script.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may

#8 Squirrel1693

Authentic Member

Authentic Member
20 posts

Posted 09 June 2012 - 05:41 AM

size="4"]OTL FIX LOG[/size]

========== FILES ==========
C:\Users\Quintin\Documents\Bluetooth\Inbox\DownloadManagerSetup.exe moved successfully.
File\Folder C:\Users\Quintin\Downloads\FinalMediaPlayer2011Setup.exe not found.
C:\Users\Quintin\Downloads\softline_pastel_xpress_downloader_340.exe moved successfully.
File\Folder C:\Users\Quintin\Downloads\SoftonicDownloader_for_deskbot.exe not found.
C:\Users\Quintin\Downloads\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}.rar moved successfully.
C:\Users\Quintin\Downloads\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}\YouTube HD Video DownloaderSetup 3.5 .exe moved successfully.
C:\Windows\Installer\28bcd425.msi moved successfully.
D:\Documents\Documents\My Games\Harry Potter and the Half-Blood Prince\rzr-hpbp.iso moved successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.46.0 log created on 06092012_123732

OTL Scan Log Without Script

OTL logfile created on: 2012/06/09 01:26:47 PM - Run 4
OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\Quintin\Desktop\PC
Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: South Africa | Language: ENS | Date Format: yyyy/MM/dd

1.87 Gb Total Physical Memory | 0.68 Gb Available Physical Memory | 36.19% Memory free
3.74 Gb Paging File | 2.16 Gb Available in Paging File | 57.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116.44 Gb Total Space | 4.55 Gb Free Space | 3.91% Space Free | Partition Type: NTFS
Drive D: | 116.05 Gb Total Space | 36.43 Gb Free Space | 31.39% Space Free | Partition Type: NTFS
Drive G: | 45.71 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 1.86 Gb Total Space | 0.61 Gb Free Space | 32.59% Space Free | Partition Type: FAT32

Computer Name: QUINTIN-TOSH | User Name: Quintin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Quintin\Desktop\PC\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe (Facebook)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANToManager.exe (Panda Security, S.L.)
PRC - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
PRC - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
PRC - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
PRC - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Lexmark 5600-6600 Series\lxdumsdmon.exe ()
PRC - C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe (TOSHIBA CORPORATION)
PRC - c:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\System32\lxducoms.exe ( )
PRC - C:\Windows\System32\spool\drivers\w32x86\3\lxduserv.exe (Lexmark International, Inc.)
PRC - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\fbc05b5b05dc6366b02b8e2f77d080f1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\20008c75bb41e2febf84d4d4aea5b4e8\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\52873358b397c328168f0a5be7f3b9ae\System.Design.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\02d5be8209f0eac6f7725f8d83b87df6\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad18f93fc713db2c4b29b25116c13bd8\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1e85062785e286cd9eae9c26d2c61f73\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9859a6e0562f64eacfb8ad76f260a2d6\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\d9a485330ec2708456134e4a9712a4ab\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll ()
MOD - C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\CefSharp.dll ()
MOD - C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\CefSharp.WinForms.dll ()
MOD - C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\libcef.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll ()
MOD - C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll ()
MOD - C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll ()
MOD - C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll ()
MOD - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxdumsdmon.exe ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
MOD - C:\Program Files\Lexmark Printable Web\resource.dll ()
MOD - C:\Program Files\Lexmark Printable Web\bho.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxducaps.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxduscw.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxdudrs.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\lxducnv4.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\app4r.monitor.core.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\app4r.monitor.common.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\app4r.devmons.mcmdevmon.dll ()
MOD - C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll ()
MOD - C:\Windows\System32\spool\drivers\w32x86\3\lxdudatr.dll ()
MOD - C:\Windows\System32\msjetoledb40.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll ()
MOD - C:\Program Files\Lexmark 5600-6600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll ()
MOD - C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ()

========== Win32 Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (NanoServiceMain) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
SRV - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (IconMan_R) -- C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV - (cfWiMAXService) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe (TOSHIBA CORPORATION)
SRV - (Nero BackItUp Scheduler 4.0) -- c:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (GameConsoleService) -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (lxdu_device) -- C:\Windows\System32\lxducoms.exe ( )
SRV - (lxduCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe ()
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\Windows\System32\mprdim.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

========== Driver Services (SafeList) ==========

DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV - (aaoopzt8) -- File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (PSINAflt) -- C:\Windows\System32\drivers\PSINAflt.sys (Panda Security, S.L.)
DRV - (PSINProt) -- C:\Windows\System32\drivers\PSINProt.sys (Panda Security, S.L.)
DRV - (PSINKNC) -- C:\Windows\System32\drivers\PSINKNC.sys (Panda Security, S.L.)
DRV - (VBoxDrv) -- C:\Program Files\YouWave_Android\vb\VBoxDrv.sys (Oracle Corporation)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (vodafone_zte_cdc_ecm) -- C:\Windows\System32\drivers\vodafone_zte_cdc_ecm.sys (Vodafone)
DRV - (vodafone_zte_ecm_enum_filter) -- C:\Windows\System32\drivers\vodafone_zte_ecm_enum_filter.sys (Vodafone)
DRV - (vodafone_zte_ecm_enum) Vodafone Vodafone ZTE DC Enumerator (ZTE) -- C:\Windows\System32\drivers\vodafone_zte_ecm_enum.sys (Vodafone)
DRV - (vodafone_zte_cdc_acm) Vodafone Vodafone ZTE CDC-ACM driver (ZTE) -- C:\Windows\System32\drivers\vodafone_zte_cdc_acm.sys (Vodafone)
DRV - (vodafone_zte_cpo) -- C:\Windows\System32\drivers\vodafone_zte_cpo.sys (Vodafone)
DRV - (PSINProc) -- C:\Windows\System32\drivers\PSINProc.sys (Panda Security, S.L.)
DRV - (PSINFile) -- C:\Windows\System32\drivers\PSINFile.sys (Panda Security, S.L.)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (udfs) -- C:\Windows\System32\drivers\udfs.sys (Microsoft Corporation)
DRV - (CeKbFilter) -- C:\Windows\System32\drivers\CeKbFilter.sys (Compal Electronics, INC.)
DRV - (vodafone_K3805-z_dc_enum) -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (LPCFilter) -- C:\Windows\System32\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (crcdisk) -- C:\Windows\System32\drivers\crcdisk.sys (Microsoft Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (ws2ifsl) -- C:\Windows\System32\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (pavboot) -- C:\Windows\System32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (PGEffect) -- C:\Windows\System32\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{28AC540B-DFF1-4EB4-A8D7-B2EC5FEE81AD}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...mp;sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.up.ac.za...ate=r4op2y86x_4
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {96B6FDCC-F99F-4A18-AA93-7E00F0E0E845}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...amp;FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...c=browsersearch
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" =
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...mp;sourceid=ie7
IE - HKCU\..\SearchScopes\{96B6FDCC-F99F-4A18-AA93-7E00F0E0E845}: "URL" = http://www.google.co...1I7ADFA_enZA424
IE - HKCU\..\SearchScopes\{E93AB632-8576-4935-840F-42CBBEDB09CA}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:3128

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Quintin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Quintin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011/01/19 20:56:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/02/28 14:48:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp1950@crossrider.com: C:\Users\Quintin\AppData\Local\RewardsArcadeSuite\1950\Firefox [2012/01/22 01:30:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/08 18:20:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/06/08 18:20:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Quintin\AppData\Roaming\Mozilla\Extensions
[2012/05/08 00:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Quintin\AppData\Roaming\Mozilla\Firefox\extensions
[2012/05/08 00:38:41 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Quintin\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/06/08 18:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/01 17:40:25 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/01 17:39:16 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/01 17:39:16 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{googl
e:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chro
me&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client
=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Quintin\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Quintin\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Quintin\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll
CHR - Extension: Flashcards = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgakpcekaedlfopplbbmbbknppkpjgp\0.7.2_0\
CHR - Extension: BIODIGITAL HUMAN = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
CHR - Extension: From Dust = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_0\
CHR - Extension: Language Immersion for Chrome = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedbecnakfcpmkpddjfnfihogkaggkhl\1.0.3_0\
CHR - Extension: Graphing Calculator by Desmos.com = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdheahnajobgndecdbggfmcojekgdko\1.4_0\
CHR - Extension: YouTube = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Daum Equation Editor = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe\1.2.130_0\
CHR - Extension: Build a Robot = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkifjkfdmacgkhldodeohbhcknoijpeo\1.1_0\
CHR - Extension: Toss it = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlifoiidlkcpdlchhngenehnhcadakpl\2.3_0\
CHR - Extension: Crazy Rollercoaster = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eafhgomkapdagnpmmgilphbolnejepoc\1.0_0\
CHR - Extension: SiteAdvisor = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: Run Ninja Run = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjjeacpabbmdgffcfccfaihbghhbnpl\1.0.1_0\
CHR - Extension: RewardsArcade Suite = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.17.28_0\
CHR - Extension: Element = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjpnebljmdbglkmlnijcaplhfhkhdnib\0.9.0_0\
CHR - Extension: Google I/O: input/output = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmphclbekipaojhpbkbofoioffecilh\1.3.3.7_0\
CHR - Extension: Advanced Periodic Table = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpkghbakijeifcoimhhechlmcbdmmli\1.7_0\
CHR - Extension: Khan Academy = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pahdiadnidmaaoohjmlkcjffbfcapgko\0.0.0.1_0\
CHR - Extension: Gmail = C:\Users\Quintin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (RewardsArcadeSuite) - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Iusage] C:\PROGRA~1\INTERN~2\nonetdet.exe File not found
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Lexmark 5600-6600 Series Fax Server] C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ()
O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [NBAgent] c:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Quintin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GameXN] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [GameXN (news)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [GameXN (update)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKCU..\Run: [Rim.DesktopHelper.exe] C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.DesktopHelper.exe File not found
O4 - Startup: C:\Users\Quintin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Quintin\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49B0D569-8DCA-40DB-A6A4-092666179C7D}: NameServer = 196.207.36.251 196.207.36.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F3E652B-6EC5-4996-8800-D27E8A5BFBF9}: DhcpNameServer = 41.221.224.2 41.221.224.26
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/07/14 20:46:15 | 000,000,118 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{05afe519-04a2-11e1-8a54-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{05afe519-04a2-11e1-8a54-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{05afe51f-04a2-11e1-8a54-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{05afe51f-04a2-11e1-8a54-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{6507d62b-4cd9-11e1-b3fe-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{6507d62b-4cd9-11e1-b3fe-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\VMC_PBStarter.exe
O33 - MountPoints2\{6fd5e637-04b8-11e1-a2e2-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{6fd5e637-04b8-11e1-a2e2-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{7560f76e-a293-11e0-a9fe-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{7560f76e-a293-11e0-a9fe-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\VMC_PBStarter.exe
O33 - MountPoints2\{7560f771-a293-11e0-a9fe-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{7560f771-a293-11e0-a9fe-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\VMC_PBStarter.exe
O33 - MountPoints2\{75e151d7-8f71-11e0-a43c-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{75e151d7-8f71-11e0-a43c-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{811dfc51-10e5-11e0-a4bc-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{811dfc51-10e5-11e0-a4bc-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{811dfc54-10e5-11e0-a4bc-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{811dfc54-10e5-11e0-a4bc-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e18bc47e-1034-11e0-92d7-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{e18bc47e-1034-11e0-92d7-88ae1ded36b7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{e18bc484-1034-11e0-92d7-88ae1ded36b7}\Shell - "" = AutoRun
O33 - MountPoints2\{e18bc484-1034-11e0-92d7-88ae1ded36b7}\Shell\AutoRun\command - "" = G:\setup.exe -- [2011/07/15 15:23:56 | 047,597,473 | R--- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe -- [2011/07/15 15:23:56 | 047,597,473 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/09 12:37:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/09 01:32:45 | 000,000,000 | ---D | C] -- C:\Users\Quintin\AppData\Roaming\Malwarebytes
[2012/06/09 01:32:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/09 01:32:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/09 01:32:31 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/06/09 01:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/08 18:20:45 | 000,000,000 | ---D | C] -- C:\Users\Quintin\AppData\Local\Mozilla
[2012/06/08 18:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/06/08 18:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/06/08 18:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/06/07 14:18:39 | 000,000,000 | ---D | C] -- C:\Users\Quintin\Desktop\PC
[2012/06/01 18:44:53 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2012/06/01 18:44:18 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2012/06/01 15:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012/06/01 15:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader Toolbar
[2012/06/01 15:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012/06/01 15:24:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/28 01:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BestGameEver
[2012/05/28 01:10:23 | 000,000,000 | ---D | C] -- C:\Program Files\BestGameEver
[2012/05/22 10:58:46 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/05/22 10:58:44 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/05/22 10:58:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/05/22 10:58:42 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/05/22 10:58:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/05/22 10:58:40 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/05/22 01:34:56 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/05/22 01:34:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/05/18 09:46:07 | 000,000,000 | ---D | C] -- C:\Users\Quintin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012/05/18 00:57:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/05/18 00:41:51 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2012/05/18 00:41:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2012/05/18 00:41:48 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/05/18 00:41:48 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/05/18 00:41:48 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/05/18 00:41:46 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012/05/18 00:41:44 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012/05/18 00:41:43 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012/05/18 00:41:43 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012/05/18 00:41:42 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012/05/18 00:41:41 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/05/18 00:41:40 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012/05/18 00:41:40 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/05/18 00:41:39 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/05/18 00:41:39 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/05/18 00:41:37 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2012/05/18 00:41:37 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012/05/18 00:41:35 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012/05/18 00:41:33 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012/05/18 00:41:32 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/05/18 00:41:31 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012/05/18 00:41:31 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012/05/18 00:41:31 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012/05/18 00:41:30 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2012/05/18 00:41:29 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012/05/18 00:41:29 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012/05/18 00:41:29 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2012/05/18 00:41:28 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2012/05/18 00:41:28 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2012/05/18 00:41:27 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012/05/18 00:41:27 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/05/18 00:41:26 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012/05/18 00:41:25 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012/05/18 00:41:25 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2012/05/18 00:41:25 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/05/18 00:41:24 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/05/18 00:41:24 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2012/05/18 00:41:24 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012/05/18 00:41:24 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012/05/18 00:41:23 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012/05/18 00:41:23 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/05/18 00:41:23 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012/05/18 00:41:22 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/05/18 00:41:22 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/05/18 00:41:21 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2012/05/18 00:41:21 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2012/05/18 00:41:21 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2012/05/18 00:41:21 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2012/05/18 00:41:20 | 002,414,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/05/18 00:41:20 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/05/18 00:41:20 | 000,240,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/05/18 00:41:19 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2012/05/18 00:41:19 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012/05/18 00:41:19 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012/05/18 00:41:17 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/05/18 00:41:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/05/18 00:41:17 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012/05/18 00:41:16 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/05/18 00:41:16 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012/05/18 00:41:16 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2012/05/18 00:41:16 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/05/18 00:41:15 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/05/18 00:41:15 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012/05/18 00:41:15 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2012/05/18 00:41:15 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2012/05/18 00:41:15 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2012/05/18 00:41:14 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2012/05/18 00:41:13 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2012/05/18 00:41:13 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2012/05/18 00:41:12 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/05/18 00:41:12 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012/05/18 00:41:12 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/05/18 00:41:12 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2012/05/18 00:41:12 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2012/05/18 00:41:12 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012/05/18 00:41:12 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2012/05/18 00:41:11 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012/05/18 00:41:11 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012/05/18 00:41:11 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012/05/18 00:41:11 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012/05/18 00:41:11 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012/05/18 00:41:10 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012/05/18 00:41:10 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2012/05/18 00:41:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/05/18 00:41:10 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/05/18 00:41:09 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012/05/18 00:41:09 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2012/05/18 00:41:09 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2012/05/18 00:41:09 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/05/18 00:41:09 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2012/05/18 00:41:09 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2012/05/18 00:41:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012/05/18 00:41:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2012/05/18 00:41:07 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2012/05/18 00:41:07 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2012/05/18 00:41:07 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012/05/18 00:41:07 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2012/05/18 00:41:07 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2012/05/18 00:41:06 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/05/18 00:41:06 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2012/05/18 00:41:05 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2012/05/18 00:41:05 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2012/05/18 00:41:05 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2012/05/18 00:41:05 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012/05/18 00:41:05 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2012/05/18 00:41:05 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012/05/18 00:41:05 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012/05/18 00:41:04 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012/05/18 00:41:04 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012/05/18 00:41:04 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012/05/18 00:41:04 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2012/05/18 00:41:04 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2012/05/18 00:41:04 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012/05/18 00:41:04 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012/05/18 00:41:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2012/05/18 00:41:03 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012/05/18 00:41:03 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012/05/18 00:41:03 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012/05/18 00:41:03 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012/05/18 00:41:03 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012/05/18 00:41:03 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2012/05/18 00:41:03 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/05/18 00:41:03 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2012/05/18 00:41:03 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/05/18 00:41:03 | 000,035,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
[2012/05/18 00:41:02 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2012/05/18 00:41:02 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2012/05/18 00:41:02 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2012/05/18 00:41:01 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012/05/18 00:41:01 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/05/18 00:41:01 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2012/05/18 00:41:01 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012/05/18 00:41:01 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/05/18 00:41:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2012/05/18 00:41:00 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012/05/18 00:41:00 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/05/18 00:41:00 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2012/05/18 00:40:59 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2012/05/18 00:40:59 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2012/05/18 00:40:59 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2012/05/18 00:40:59 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2012/05/18 00:40:59 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2012/05/18 00:40:59 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/05/18 00:40:59 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2012/05/18 00:40:58 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2012/05/18 00:40:58 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012/05/18 00:40:58 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2012/05/18 00:40:57 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2012/05/18 00:40:57 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012/05/18 00:40:57 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012/05/18 00:40:57 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2012/05/18 00:40:57 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2012/05/18 00:40:57 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2012/05/18 00:40:57 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2012/05/18 00:40:57 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012/05/18 00:40:57 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2012/05/18 00:40:57 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2012/05/18 00:40:57 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012/05/18 00:40:56 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012/05/18 00:40:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2012/05/18 00:40:55 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012/05/18 00:40:55 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2012/05/18 00:40:55 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/05/18 00:40:55 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2012/05/18 00:40:55 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2012/05/18 00:40:55 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/05/18 00:40:55 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012/05/18 00:40:54 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012/05/18 00:40:54 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012/05/18 00:40:54 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2012/05/18 00:40:54 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012/05/18 00:40:54 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012/05/18 00:40:54 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012/05/18 00:40:54 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012/05/18 00:40:54 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/05/18 00:40:54 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2012/05/18 00:40:54 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2012/05/18 00:40:54 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2012/05/18 00:40:53 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012/05/18 00:40:53 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2012/05/18 00:40:53 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012/05/18 00:40:53 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2012/05/18 00:40:53 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2012/05/18 00:40:53 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2012/05/18 00:40:53 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012/05/18 00:40:53 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2012/05/18 00:40:53 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012/05/18 00:40:52 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012/05/18 00:40:52 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2012/05/18 00:40:52 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2012/05/18 00:40:52 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012/05/18 00:40:52 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012/05/18 00:40:52 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2012/05/18 00:40:52 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2012/05/18 00:40:52 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2012/05/18 00:40:51 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012/05/18 00:40:51 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2012/05/18 00:40:51 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012/05/18 00:40:51 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2012/05/18 00:40:51 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2012/05/18 00:40:51 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/05/18 00:40:51 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2012/05/18 00:40:51 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2012/05/18 00:40:51 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2012/05/18 00:40:51 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012/05/18 00:40:51 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2012/05/18 00:40:51 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2012/05/18 00:40:50 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012/05/18 00:40:50 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/05/18 00:40:50 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2012/05/18 00:40:50 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012/05/18 00:40:50 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2012/05/18 00:40:50 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2012/05/18 00:40:50 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2012/05/18 00:40:50 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2012/05/18 00:40:50 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2012/05/18 00:40:50 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012/05/18 00:40:50 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012/05/18 00:40:50 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2012/05/18 00:40:49 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2012/05/18 00:40:49 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2012/05/18 00:40:49 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012/05/18 00:40:49 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2012/05/18 00:40:49 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2012/05/18 00:40:49 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2012/05/18 00:40:49 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012/05/18 00:40:49 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012/05/18 00:40:49 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2012/05/18 00:40:49 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2012/05/18 00:40:48 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2012/05/18 00:40:48 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012/05/18 00:40:48 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/05/18 00:40:48 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012/05/18 00:40:48 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2012/05/18 00:40:48 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2012/05/18 00:40:48 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012/05/18 00:40:48 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2012/05/18 00:40:47 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012/05/18 00:40:47 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2012/05/18 00:40:47 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2012/05/18 00:40:47 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2012/05/18 00:40:47 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2012/05/18 00:40:47 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012/05/18 00:40:46 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012/05/18 00:40:46 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2012/05/18 00:40:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012/05/18 00:40:45 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/05/18 00:40:45 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2012/05/18 00:40:45 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012/05/18 00:40:45 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2012/05/18 00:40:45 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2012/05/18 00:40:45 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2012/05/18 00:40:45 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2012/05/18 00:40:45 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012/05/18 00:40:45 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/05/18 00:40:45 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2012/05/18 00:40:45 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2012/05/18 00:40:44 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2012/05/18 00:40:44 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2012/05/18 00:40:44 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012/05/18 00:40:44 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2012/05/18 00:40:43 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2012/05/18 00:40:43 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2012/05/18 00:40:43 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2012/05/18 00:40:43 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2012/05/18 00:40:43 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2012/05/18 00:40:43 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2012/05/18 00:40:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/05/18 00:40:42 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012/05/18 00:40:42 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/05/18 00:40:42 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2012/05/18 00:40:42 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2012/05/18 00:40:42 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012/05/18 00:40:42 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012/05/18 00:40:41 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012/05/18 00:40:41 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2012/05/18 00:40:41 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2012/05/18 00:40:41 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012/05/18 00:40:41 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012/05/18 00:40:41 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/05/18 00:40:41 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2012/05/18 00:40:41 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2012/05/18 00:40:41 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2012/05/18 00:40:41 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2012/05/18 00:40:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2012/05/18 00:40:40 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2012/05/18 00:40:40 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2012/05/18 00:40:40 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/05/18 00:40:40 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2012/05/18 00:40:40 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2012/05/18 00:40:40 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/05/18 00:40:40 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2012/05/18 00:40:40 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2012/05/18 00:40:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2012/05/18 00:40:39 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2012/05/18 00:40:39 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/05/18 00:40:39 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012/05/18 00:40:39 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2012/05/18 00:40:39 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/05/18 00:40:39 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2012/05/18 00:40:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012/05/18 00:40:38 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/05/18 00:40:38 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2012/05/18 00:40:38 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2012/05/18 00:40:38 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2012/05/18 00:40:38 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/05/18 00:40:38 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2012/05/18 00:40:38 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2012/05/18 00:40:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2012/05/18 00:40:38 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2012/05/18 00:40:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2012/05/18 00:40:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2012/05/18 00:40:37 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2012/05/18 00:40:37 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012/05/18 00:40:37 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2012/05/18 00:40:37 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2012/05/18 00:40:37 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2012/05/18 00:40:37 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2012/05/18 00:40:37 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/05/18 00:40:37 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2012/05/18 00:40:37 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2012/05/18 00:40:37 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2012/05/18 00:40:37 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012/05/18 00:40:37 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2012/05/18 00:40:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2012/05/18 00:40:37 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012/05/18 00:40:37 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2012/05/18 00:40:37 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2012/05/18 00:40:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012/05/18 00:40:36 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2012/05/18 00:40:36 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012/05/18 00:40:36 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/05/18 00:40:36 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2012/05/18 00:40:36 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2012/05/18 00:40:36 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012/05/18 00:40:36 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2012/05/18 00:40:36 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012/05/18 00:40:36 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2012/05/18 00:40:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2012/05/18 00:40:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2012/05/18 00:40:36 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2012/05/18 00:40:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2012/05/18 00:40:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2012/05/18 00:40:35 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/05/18 00:40:35 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2012/05/18 00:40:35 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2012/05/18 00:40:35 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012/05/18 00:40:35 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2012/05/18 00:40:35 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2012/05/18 00:40:35 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012/05/18 00:40:35 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2012/05/18 00:40:35 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2012/05/18 00:40:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2012/05/18 00:40:35 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2012/05/18 00:40:34 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012/05/18 00:40:34 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2012/05/18 00:40:34 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2012/05/18 00:40:34 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/05/18 00:40:34 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2012/05/18 00:40:34 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2012/05/18 00:40:34 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2012/05/18 00:40:34 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012/05/18 00:40:34 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2012/05/18 00:40:34 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2012/05/18 00:40:34 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2012/05/18 00:40:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2012/05/18 00:40:34 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2012/05/18 00:40:33 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2012/05/18 00:40:33 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2012/05/18 00:40:33 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012/05/18 00:40:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2012/05/18 00:40:33 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012/05/18 00:40:33 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012/05/18 00:40:33 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2012/05/18 00:40:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2012/05/18 00:40:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2012/05/18 00:40:33 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2012/05/18 00:40:33 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2012/05/18 00:40:33 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2012/05/18 00:40:33 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2012/05/18 00:40:33 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2012/05/18 00:40:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2012/05/18 00:40:33 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2012/05/18 00:40:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2012/05/18 00:40:33 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2012/05/18 00:40:32 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012/05/18 00:40:32 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2012/05/18 00:40:32 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012/05/18 00:40:32 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012/05/18 00:40:32 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2012/05/18 00:40:32 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012/05/18 00:40:32 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2012/05/18 00:40:32 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012/05/18 00:40:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2012/05/18 00:40:32 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2012/05/18 00:40:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/05/18 00:40:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2012/05/18 00:40:32 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012/05/18 00:40:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2012/05/18 00:40:31 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2012/05/18 00:40:31 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/05/18 00:40:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2012/05/18 00:40:31 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2012/05/18 00:40:31 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2012/05/18 00:40:31 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012/05/18 00:40:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2012/05/18 00:40:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2012/05/18 00:40:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012/05/18 00:40:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2012/05/18 00:40:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2012/05/18 00:40:31 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2012/05/18 00:40:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2012/05/18 00:40:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2012/05/18 00:40:30 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2012/05/18 00:40:29 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/05/18 00:40:29 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2012/05/18 00:40:29 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2012/05/18 00:40:29 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012/05/18 00:40:29 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012/05/18 00:40:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/05/18 00:40:29 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2012/05/18 00:40:29 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/05/18 00:40:29 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2012/05/18 00:40:29 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2012/05/18 00:40:28 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2012/05/18 00:40:28 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2012/05/18 00:40:28 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2012/05/18 00:40:28 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2012/05/18 00:40:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2012/05/18 00:40:27 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2012/05/18 00:40:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2012/05/18 00:40:27 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2012/05/18 00:40:27 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2012/05/18 00:40:26 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012/05/18 00:40:26 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/05/18 00:40:26 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012/05/18 00:40:26 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2012/05/18 00:40:26 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2012/05/18 00:40:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2012/05/18 00:40:24 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012/05/18 00:40:24 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012/05/18 00:40:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012/05/18 00:40:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2012/05/18 00:40:23 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2012/05/18 00:40:23 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2012/05/18 00:40:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012/05/18 00:40:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012/05/18 00:40:22 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2012/05/18 00:40:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2012/05/18 00:40:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2012/05/18 00:40:21 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2012/05/18 00:40:21 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2012/05/18 00:40:21 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2012/05/18 00:40:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2012/05/18 00:40:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2012/05/18 00:40:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2012/05/18 00:40:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2012/05/18 00:40:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2012/05/18 00:40:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2012/05/18 00:40:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2012/05/18 00:40:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2012/05/18 00:40:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2012/05/18 00:39:56 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2012/05/18 00:39:55 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/05/18 00:39:41 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012/05/18 00:39:35 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012/05/18 00:39:35 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012/05/18 00:38:57 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012/05/18 00:38:57 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2012/05/18 00:35:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/05/18 00:35:00 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/18 00:35:00 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/18 00:34:59 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/05/18 00:34:08 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012/05/18 00:24:31 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/13 12:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games

========== Files - Modified Within 30 Days ==========

[2012/06/09 13:17:06 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2902293576-1312171331-523581119-1000UA.job
[2012/06/09 13:11:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2902293576-1312171331-523581119-1000UA.job
[2012/06/09 12:58:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/09 12:58:16 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2012/06/09 12:52:54 | 000,014,320 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/09 12:52:54 | 000,014,320 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/09 12:52:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/09 12:49:46 | 000,628,460 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/09 12:49:46 | 000,110,612 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/09 12:45:33 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/06/09 12:45:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/09 12:45:24 | 1504,346,112 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/09 12:44:15 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/09 03:03:13 | 000,000,867 | ---- | M] () -- C:\Users\Quintin\.recently-used.xbel
[2012/06/09 00:11:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2902293576-1312171331-523581119-1000Core.job
[2012/06/08 18:20:39 | 000,001,095 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/08 16:17:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2902293576-1312171331-523581119-1000Core.job
[2012/06/03 16:11:42 | 000,405,744 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/28 01:15:12 | 000,002,376 | ---- | M] () -- C:\Users\Quintin\Desktop\Google Chrome.lnk
[2012/05/28 01:11:25 | 000,002,733 | ---- | M] () -- C:\Users\Public\Desktop\Run Audiosurf.lnk
[2012/05/18 09:46:07 | 000,001,330 | ---- | M] () -- C:\Users\Quintin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2012/05/18 03:48:21 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll

========== Files Created - No Company Name ==========

[2012/06/09 03:03:13 | 000,000,867 | ---- | C] () -- C:\Users\Quintin\.recently-used.xbel
[2012/06/08 18:20:39 | 000,001,095 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/05/28 01:11:25 | 000,002,733 | ---- | C] () -- C:\Users\Public\Desktop\Run Audiosurf.lnk
[2012/05/18 00:41:35 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/05/18 00:40:28 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012/05/18 00:40:19 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012/04/18 01:29:31 | 000,000,264 | ---- | C] () -- C:\Windows\System32\PSUNCpl.dat
[2012/01/29 21:06:43 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011/07/12 14:02:16 | 000,232,496 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/06/09 22:53:55 | 000,032,256 | ---- | C] () -- C:\Users\Quintin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/11 22:22:35 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2011/03/31 11:14:50 | 000,007,666 | ---- | C] () -- C:\Users\Quintin\AppData\Local\Resmon.ResmonCfg
[2010/12/27 00:36:33 | 000,040,960 | R--- | C] () -- C:\Windows\System32\psfind.dll
[2010/12/25 11:06:17 | 000,409,600 | ---- | C] ( ) -- C:\Windows\System32\lxducoin.dll
[2010/12/25 11:05:21 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll
[2010/12/25 11:04:16 | 001,036,288 | ---- | C] () -- C:\Windows\System32\lxdudrs.dll
[2010/12/25 11:04:16 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxducaps.dll
[2010/12/25 11:04:16 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxducnv4.dll
[2010/12/25 11:03:58 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXDUPMON.DLL
[2010/12/25 11:03:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXDUFXPU.DLL
[2010/12/25 11:03:38 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxduoem.dll
[2010/12/25 11:01:24 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdurwrd.ini
[2010/12/25 10:59:44 | 000,446,464 | ---- | C] ( ) -- C:\Windows\System32\LXDUhcp.dll
[2010/12/25 10:59:44 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDUinst.dll
[2010/12/25 10:59:44 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2010/12/25 10:59:44 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2010/12/25 10:59:43 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2010/12/25 10:59:43 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2010/12/25 10:59:42 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2010/12/25 10:59:42 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2010/12/25 10:59:41 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2010/12/25 10:59:41 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxduih.exe
[2010/12/25 10:59:40 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll
[2010/12/25 10:59:39 | 000,589,824 | ---- | C] ( ) -- C:\Windows\System32\lxducoms.exe
[2010/12/25 10:59:38 | 000,761,856 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2010/12/25 10:59:38 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[2010/12/25 10:59:38 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxducfg.exe
[2010/12/25 00:49:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/30 03:02:00 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2010/09/30 02:53:32 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010/09/30 02:46:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2010/09/30 02:43:29 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat

< End of report >

:notworthy:

:notworthy

QRAyres

#9 Conspire

SuperHelper

Retired Classroom Teacher
5,806 posts

Posted 09 June 2012 - 06:43 AM

Do you have working start menu?

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may

#10 Squirrel1693

Authentic Member

Authentic Member
20 posts

Posted 09 June 2012 - 08:06 AM

Nope I do not.

QRAyres

Advertisements

Register to Remove

#11 Conspire

SuperHelper

Retired Classroom Teacher
5,806 posts

Posted 09 June 2012 - 09:46 AM

Important question, did you face any fake AV alerting you to purchase their software? I read the thread you created in our tech forum and it appears that you did not face such problem, so I just want to clarify if it's purely a corrupted system file or malware related case.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may

#12 Squirrel1693

Authentic Member

Authentic Member
20 posts

Posted 09 June 2012 - 10:36 AM

Nope I did not, I used to have Panda Antivirus 2011, it expired (which meant i couldn't update it further) so instead of renewing the subscription, I instead opted to download their Free Cloud Antivirus. I don't know if this helps, but this is all that I have done relating AV.

QRAyres

#13 Conspire

SuperHelper

Retired Classroom Teacher
5,806 posts

Posted 09 June 2012 - 10:41 AM

Then I can safely conclude it is not malware related case. You can refer back to Ztruker for more assistance regarding your problem.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may

#14 Squirrel1693

Authentic Member

Authentic Member
20 posts

Posted 09 June 2012 - 10:52 AM

So I just reply on my other post then??

QRAyres

#15 Squirrel1693

Authentic Member

Authentic Member
20 posts

Posted 09 June 2012 - 10:54 AM

Oh btw, thank you for your assistance really appreciate it, 5 Star Rating for you

QRAyres

Body Background

skin color theme